On Tue, 25 Oct 2016 17:48:45 +0300, Sampsa Laine wrote:
Also, is renaming the SYSTEM account likely to break
stuff? They seem to be
targeting that specific username so I figured I?d change it to STALIN or
something?
Instead of renaming it, you may want to disable interactive logins for the
SYSTEM account altogether, or you may want to investigate about tightening
timeouts for the intrusion detection function (see SHOW INTRU command), so
that VMS will not allow logins from accounts for which a certain threshold
has been reached, even if the attacker guesses the password. :)
HTH,
G.