Re: Hacks



Nick Leverton wrote:
Sadly port 22 scans are very common these days, if you let them they
will sit there trying different logins (and presumably passwords) for
minutes or even hours.

Its a pity Linux has never picked up on an old DEV VMS trick - so old that DEC invented it to piss off crackers by running their phone bills as high as possible.

After three failed logins the login program was swapped for another program that looked to the outside world just like a real login but was a dummy, so no matter what user/password combo the cracker tried he always got an "invalid user name/password" response followed by another login prompt.

Once triggered, this behavior could only be switched back to normal by the sysadmin.

On a similar thread, I've often wondered why (on Fedora / Gnome) disabling the Shutdown / Reboot options on the login splash screen also disables them on the logout menu and why there's no option to restrict them to just root's logout menu. I'd prefer to have them available only on root's logout menu.


--
martin@ | Martin Gregorie
gregorie. | Essex, UK
org |
.