Re: Account Lockout in Solaris 8

kenneth.l.denski_at_us.pwc.com
Date: 10/16/03

  • Next message: Hal Flynn: "Administrivia: Your response requested" 
    To: klp@tc.umn.edu
Date: Wed, 15 Oct 2003 17:28:11 -0700

    Thanks to everyone who responded to my question re: Solaris account
    lockout. Lots of great answers, I am going to evaluate all of the
    possibilities and come up with a solution.

    Ken Denski

                                                                                                                                           
                          Kevin L Prigge
                          <klp@tc.umn.edu> To: Kenneth L Denski/US/ABAS/PwC@Americas-US
                          10/14/2003 09:28 cc: focus-sun@securityfocus.com
                          AM Subject: Re: Account Lockout in Solaris 8
                                                                                                                                           
                                                                                                                                           
                                                                                                                                           

    On Tue, Oct 14, 2003 at 04:09:38PM -0000, Kenneth Denski wrote:
    >
    >
    > Does anyone know if it is possible to implement account lockouts in Sun
    Solaris 8? I want to set it so that after 3 bad login attempts, the user is
    locked out and must be reset by the Admin.
    >
    > Is there any way to do this?

    Not with stock Solaris 8, AFAIK. I'm guessing you've been tasked
    with implementing this based on a requirement from your Audit area.

    Make sure they know that there are real DOS possibilities with a
    scheme such as this, and just because this functionality was available
    on IBM mainframes, it doesn't make it a good or useful idea. 

    --
Kevin Prigge, SCNA            #
Internet Services             #
University of Minnesota       #
_________________________________________________________________
         The information transmitted is intended only for the person or
         entity to which it is addressed and may contain confidential
         and/or privileged material.  Any review, retransmission,
         dissemination or other use of, or taking of any action in reliance
         upon, this information by persons or entities other than the
         intended recipient is prohibited.   If you received this in error,
         please contact the sender and delete the material from any
         computer.
  • Next message: Hal Flynn: "Administrivia: Your response requested"

    Relevant Pages

    • Re: Account lockout support in Solaris 10 when authenticating against Kerberos
      ... So your point is that the account lockout feature is really not part of Kerberos, but part of Solaris? ...
      (comp.protocols.kerberos)
    • Fwd: Solaris 10 x86 HIDS
      ... Subject: Solaris 10 x86 HIDS ... with real-world attacks from CORE IMPACT. ... delivery of this message to an intended recipient), ...
      (Focus-IDS)
    • SVM and SDS
      ... I am trying to figure out whether the Diskset capability in SVM (Solaris ... This correspondence is for the intended recipient only. ... Any views expressed in this message are those of the individual sender, ...
      (SunManagers)
    • Re: Fwd: Solaris 10 x86 HIDS
      ... Not quite a hids but does Tripwire count? ... They have Freeware agents for solaris? ... with real-world attacks from CORE IMPACT. ... delivery of this message to an intended recipient), ...
      (Focus-IDS)
    • (Fwd) DBD::Oracle
      ... 9.2.0.X CLIENT using the perl that comes with Solaris? ... I loaded a trial of Sun's compiler suite to get this in. ... If the reader of this message is not the intended recipient, ... distribution or copying of this communication is strictly prohibited. ...
      (perl.dbi.users)