HPE Community
Operating System - HP-UX
1846977 Members
4176 Online
110257 Solutions
New Discussion

Re: security trusted systems

 
Adam Noble
Super Advisor

‎02-23-2004 03:04 AM

‎02-23-2004 03:04 AM

security trusted systems

I have two systems both of them trusted and both appear to have max login retries set to 3. What I can't understand is that on what system the root login behaves as I would expect i.e locks after 3 failed attempts yet on the other it does not. I am trying to determine what is causing this, has anybody got an idea? They are both 11i systems!
0 Kudos
Reply
7 REPLIES 7
Stefan Farrelly
Honored Contributor

‎02-23-2004 03:07 AM

‎02-23-2004 03:07 AM

Re: security trusted systems

use the getprpw command to compare root on both to see all its security policy settings (and modprpw to set them) - or else use sam and view the security policies that way. They must be different.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎02-23-2004 03:08 AM

‎02-23-2004 03:08 AM

Re: security trusted systems

Hi,

"root" on the other system may not be following the default system settings. To find it out run

getprpw -m umaxlntr root

On both the systems and see the difference.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
RAC_1
Honored Contributor

‎02-23-2004 03:09 AM

‎02-23-2004 03:09 AM

Re: security trusted systems

Compare the outout of following command on both machines.

/usr/lbin/getprpw -m umaxlntr root
There is no substitute to HARDWORK
0 Kudos
Reply
Dave Hutton
Honored Contributor

‎02-23-2004 03:10 AM

‎02-23-2004 03:10 AM

Re: security trusted systems

You can also look at:
/root # cat /tcb/files/auth/system/default
default:\
:d_name=default:\
:d_boot_authenticate@:\
:u_pwd=*:\
:u_owner=root:u_auditflag#-1:\
:u_minchg#1728000:u_maxlen#10:u_exp#31536000:u_life#32400000:\
:u_llogin#7776000:u_pw_expire_warning#1728000:u_pswduser=root:u_pickpw:\
:u_genpwd@:u_restrict:u_nullpw@:u_genchars@:\
:u_genletters@:u_suclog#0:u_unsuclog#0:u_maxtries#5:\
:u_lock:\
:t_logdelay#2:t_maxtries#10:t_login_timeout#0:\
:chkent:


Whats your u_maxtries# number?

My guess is the same, you can set global policys or user policys. My guess is the global one isn't quite right.

Dave
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎02-23-2004 03:10 AM

‎02-23-2004 03:10 AM

Re: security trusted systems

You have someone ELSE trying to log in as root.

Only getting two tries with root was the first sign someone was trying to hack my educational HP-9000 server.

Attaching a script to keep an eye on this.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Adam Noble
Super Advisor

‎02-23-2004 03:13 AM

‎02-23-2004 03:13 AM

Re: security trusted systems

OK I get a return of 0 on the server that appears to be allowing unlimited retries does this make sense....and how do you guys respond very scarey but much appreciated.
0 Kudos
Reply
Darren Prior
Honored Contributor

‎02-23-2004 03:13 AM

‎02-23-2004 03:13 AM

Re: security trusted systems

Hi,

I'd suggest that you check using getprpw whether they really do both have maxtries set to 3. Are you logging in to both systems in the same way - ie at the console or at a terminal or at the same type of session?

regards,

Darren.

PS: don't forget to assign points to those that have helped you. It helps determine which answers are useful, and is a tiny reward for those that have given up their time to help you.
Calm down. It's only ones and zeros...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.