On Thu, Oct 17, 2002 at 02:16:34PM -0700, Nicholas C. Weaver wrote:
> UC Berkeley runs a fairly open network (*GASP*, no firewall).
>
> Lately, many users have been experiencing a minor but annoying DOS
> attack: The Windows system's authentication procedures, after X failed
> password tries, locks out the account for 30 minutes. Someone or some
> group is doing large scale password guessing which is resulting in
> many users being unable to log in in the morning, until this timeout
> passes.
>
> Question: Have those in other universities or other generally open
> computing environments noticed a similar trend? Is this the work of
> an attacker trying to brute-force passwords or a deliberate DOS
> attempt?

There has been quite the rash of it on my campus. From what I have
seen it is "only" trying to brute-force the passwords. A few of our
machines with "unchallenging" Administrator passwords have been turned
into DVD movie servers. That lock-outs happen is a side effect.
Possibly an amusing side effect (from the cracker's point of view),
but a side effect nonetheless.

-----------------------------------------------------------------------
   __o     Bradley Arlt                    Security Team Lead
 _ \<_     arltat_private                  University Of Calgary
(_)/(_)    I should be biking right now.   Computer Science