Subject: Re: *why* /dev/rnd?
To: None <current-users@NetBSD.ORG>
From: Wolfgang Rupprecht <email@example.com>
Date: 10/13/1997 10:42:50
firstname.lastname@example.org (John F. Woods) writes:
> [*] The password files under the anon-ftp directory are dummies, of course,
> but (a) they do reveal a few user IDs, and (b) I just want to make life a
> little more difficult for password fishers...
It could work both ways. The /etc/password under ~ftp *could* be
filled with "tripwire" names. Names that are watched for by the the
login programs and flagged as frontal-attack attempts.
I never did bother fully implementing the trip wire aspect. (I only
ever saw breakin attempts to root, uucp, guest).
A few years ago I did have fun generating a password file of
approx. 100 or so "users" that has a nice message that one could read
if one cracked the passwords and read the plaintext passwords in UID
order. I figured that would keep the little kids amused for a