From owner-freebsd-hackers  Fri Dec  5 17:29:24 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id RAA02495
          for hackers-outgoing; Fri, 5 Dec 1997 17:29:24 -0800 (PST)
          (envelope-from owner-freebsd-hackers)
Received: from zippy.dyn.ml.org (garbanzo@congo-73.ppp.hooked.net [206.169.227.73])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA02490
          for <freebsd-hackers@freebsd.org>; Fri, 5 Dec 1997 17:29:20 -0800 (PST)
          (envelope-from garbanzo@hooked.net)
Received: from localhost (garbanzo@localhost)
	by zippy.dyn.ml.org (8.8.8/8.8.7) with SMTP id RAA00767;
	Fri, 5 Dec 1997 17:29:47 -0800 (PST)
X-Authentication-Warning: zippy.dyn.ml.org: garbanzo owned process doing -bs
Date: Fri, 5 Dec 1997 17:29:46 -0800 (PST)
From: Alex <garbanzo@hooked.net>
X-Sender: garbanzo@zippy.dyn.ml.org
To: John-Mark Gurney <gurney_j@resnet.uoregon.edu>
cc: Jaye Mathisen <mrcpu@cdsnet.net>, Jim Bryant <jbryant@unix.tfs.net>,
        ircadmin@shellnet.co.uk, freebsd-hackers@freebsd.org
Subject: Re: Telnet Root access
In-Reply-To: <19971205163751.03734@hydrogen.nike.efn.org>
Message-ID: <Pine.BSF.3.96.971205172907.765A-100000@zippy.dyn.ml.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Fri, 5 Dec 1997, John-Mark Gurney wrote:

> Jaye Mathisen scribbled this message on Dec 5:
> > 
> > 
> > > man su
> > > 
> > 
> > I'm not sure how I see su helping.  If he has to telnet in as a normal
> > user, then su to root, he still has to send the root password in the
> > clear.
> 
> what it prevents is brute force password attempts to directly break
> root's acount...

Actually it doesn't really even prevent that.  Su just adds more detailed
logging of the attempts, which are more likely (IMO) to draw attention.

- alex