Bugtraq mailing list archives
Re: Write-only devices (Was read only devices)
From: weave () hopi dtcc edu (Ken Weaverling)
Date: Thu, 27 Jun 1996 12:24:29 -0400
On Thu, 27 Jun 1996, J.R.Valverde (jr) wrote:
FTP: failed login attempt for user "pAsSwOrD" FTP: successful login for user "user" two seconds later
I always wondered why the heck this happens. While knowing what account is being attempted is valuable, why the heck doesn't the code just try and see if pAsSwOrD is a valid account name? If it isn't, don't display it or say "failed login attempt for an undefined system user." If the attempt was to a valid account name, then record that info. If one of your users is using another account name as a password, your obviously not appending your list of user account names to your Crack dictionary.
Current thread:
- Re: Write-only devices (Was read only devices), (continued)
- Re: Write-only devices (Was read only devices) DevilBunny (Jun 25)
- BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl CERT Advisory (Jun 26)
- Re: Write-only devices (Was read only devices) Matthew Cable/USA.NET Inc. (Jun 26)
- Re: Write-only devices (Was read only devices) Dave Kinchlea (Jun 26)
- Re: Write-only devices (Was read only devices) DevilBunny (Jun 25)
- Re: Write-only devices (Was read only devices) Paul C Leyland (Jun 24)
- Re: Write-only devices (Was read only devices) Peter Jeremy (Jun 24)
- Re: Write-only devices (Was read only devices) neill (Jun 24)
- Re: Write-only devices (Was read only devices) Adam Bauer (Jun 25)
- Re: Write-only devices (Was read only devices) Gary Howland (Jun 26)
- Re: Write-only devices (Was read only devices) J.R.Valverde (Jun 27)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)
- Re: Write-only devices (Was read only devices) Jonathan Lemon (Jun 27)
- Re: Write-only devices (Was read only devices) Roderick Murchison, Jr. (Jun 27)
- Re: Write-only devices (Was read only devices) Matthew Cable/USA.NET Inc. (Jun 27)
- Re: Write-only devices (Was read only devices) Casper Dik (Jun 27)
- Re: Write-only devices (Was read only devices) aleipold () clark net (Jun 27)
- Re: Write-only devices (Was read only devices) Robert Banz (Jun 28)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)
- Re: Write-only devices (Was read only devices) Valdis.Kletnieks () vt edu (Jun 28)