people ssh Banner
Stephen John Smoogen
smooge at gmail.com
Thu Oct 2 22:28:12 UTC 2014
On 2 October 2014 16:19, Jason L Tibbitts III <tibbs at math.uh.edu> wrote:
> >>>>> "SJS" == Stephen John Smoogen <smooge at gmail.com> writes:
>
> SJS> In this case that would be close to a hundred thousand accounts
> SJS> linked to /bin/noshellforyou for the 3200 that are cla+1.
>
> Just stating a solution. It would actually work, after all. Whether
> it's worth the annoyance and any potential security exposure, I don't
> know. But if you want to display something to CLA+0 people but not
> CLA+1 people then, well, I believe that is the only way to do it.
>
> SJS> In the past that was a great way to DOS a machine..
>
> Maybe back in 1994 or something. I really doubt this is a consideration
> these days.
>
>
Well 2008. It was having too many unused accounts with too little memory to
deal with having a good many of them looked up at the same time. In that
case it was a ssh bot and then compounded by a student saying "hey let me
go through ldap and login in and see how many people have the password
password. And an account system which had accounts for students since 1980
in it (most of them set to /bin/nologin)
> - J<
>
--
Stephen J Smoogen.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20141002/f16bcb28/attachment-0001.html>
More information about the infrastructure
mailing list