| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 441.1 | | RAB::DESAI | Jatin Desai | Mon Mar 20 1989 16:20 | 6 |
|
If this is VMS, doesn't it disable your account for sometime after X number
of unsuccesful login attempts ?
Jatin
|
| 441.2 | ...Intruder Alert, Intruder Alert... | MDVAX3::ENDSLEY | MJ Endsley, SWS @ St. Louis | Mon Mar 20 1989 17:28 | 12 |
| RE: .1
Yeah, I've been bit by this one too.
Next time it happens, SET HOST to the workstation from another system
and try the DCL command SHOW INTRUSION to see if this is the case. If
it is, you can reset it with the DELETE/INTRUSION_RECORD command.
Mike Endsley
SWS @ STO
|
| 441.3 | Intrusion, I will check | CHUNK::HENNESSY | | Tue Mar 21 1989 08:08 | 13 |
|
Yes, this is VMS V5.1.
The lockout appears to last at least over a weekend in duration.
I did it last Friday as a test, came in Monday and it was still
hung.
I will look at the intrusion state today.
Thanks,
Rich.
|
| 441.4 | PAUSE BUG?? | CSC32::E_VAETH | | Tue Mar 28 1989 15:23 | 25 |
| A customer called this morning with the same pause/locked-out question.
We determined the following:
If the user ONLY has the session manager running, then opts to pause,
and enters an invalid password....it locks up. The customer was
rebooting each time. We determined that it does let you back in
eventually, somewhere around 15 minutes or so or he could login
and dele the intrusion.
If the user has other sessions going besides the session manager,
then the sysgen parm lgi_brk_lim (which was 5 for our pvax'es) applies
and one could type in an invalid password and still get in up to
max allowed.
Is this a feature or a bug??? Even if only the session manager
is running, shouldn't logins be allowed for upto lgi_brk_lim times??
Thanks for any input,
Elin.
LST CSC/CS
|
| 441.5 | | VMSINT::PIPER | Derrell Piper - VAX/VMS Development | Wed Mar 29 1989 08:02 | 8 |
| > Is this a feature or a bug??? Even if only the session manager
> is running, shouldn't logins be allowed for upto lgi_brk_lim times??
Break-in detection for the session manager pause session routine uses
essentially the same routine that LOGINOUT uses. Is your customer sure that he
only mistyped his password once and that he had not previously mistyped it
during the initial login sequence or previous sessions?
|
| 441.6 | Complete reproducible | CSC32::G_JOHNSON | Just a nickle's worth of dreams | Wed Mar 29 1989 11:45 | 10 |
| Absolutely. We can reproduce this problem at will on any of our
pvaxen in the center. To recap. If there is a decterm, the normal
break in detection limits apply. If we have only a file view, or
nothing but the session manager, then a single bad PW will cause
the problem.
Stumped.
Greg...
|
| 441.7 | QAR city | CSSE32::MERMELL | Window Pain | Wed Mar 29 1989 13:22 | 2 |
| Sounds like QAR city to me.
|
| 441.8 | how-to on QAR question | CSC32::E_VAETH | | Thu Apr 13 1989 14:55 | 3 |
| Excuse my ignorance, but how/where do I QAR this??
|
| 441.9 | Here ya go... | GSRC::WEST | I'm just visiting this planet. | Thu Apr 13 1989 18:41 | 5 |
| I was pointed to VAXWRK::VMSNOTES conference note 2.3
-=> Jim <=-
|
| 441.10 | thanks | CSC32::E_VAETH | | Thu Apr 13 1989 20:51 | 4 |
| thanks Jim, I'll give a whirl.
elin
|