On Wed, 5 Oct 2005 08:34:06 -0400
Baenen Eric P Contr AFRL/HEC
Hello,
We have a number of SUSE 9.x workstations - and recently we've been mandated to have them adhere to a corporate IT security policy that requires account lockout after a certain number of incorrect login attempts.
....
Look for this under Bone-Headed Security. Imagine this policy is successfully implemented. Then *anyone* could lock anyone else out of their account (aka a DoS) simply by trying to log into it. This policy opens the door to all kinds of mischief. It would be even worse if it's going to be used to log in from the internet. Then you might as well give Al Qaida an on/off switch to your email system.

hth,
korporal ken, civilian

--
A lot of us are working harder than we want, at things we don't like to do. Why? ...In order to afford the sort of existence we don't care to live.
-- Bradford Angier