[10869] in bugtraq
rh6 remote user discovery.
daemon@ATHENA.MIT.EDU (Razathorn)
Mon Jun 21 13:15:03 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990621015939.A7945@munchies.localdomain>
Date: Mon, 21 Jun 1999 01:59:39 -0500
Reply-To: Razathorn <fileland@SOUND.NET>
From: Razathorn <fileland@SOUND.NET>
To: BUGTRAQ@NETSPACE.ORG
This may sound trivial.. but since a recent ssh / rh issue was posted.. I
figured I should inquire about the following:
when one telnets into a rh6 box, and enters a valid user name, with a blank
password... it takes three attempts before the connection is closed.
if one uses a bogus user... it takes four attempts with blank passwords.
I belive this falls under the same curtian as ssh... if so.. is this
a pam issue.. and is it fixed via the same route as ssh?
Wayne
--
[ Razathorn <fileland@sound.net> ]
[ PGP public key http://www.sound.net/~fileland/pubkey.shtml ]
[ Finger Print: B8 9B 4B F5 67 1C A3 86 2F 91 F2 81 08 08 79 49 ]
