CD-X 3

home *** CD-ROM | disk | FTP | other *** search

/ CD-X 3 / cdx_03.iso / shutils / dos / sentry22.arj / SENTRY.INI < prev next >

Wrap

Text File | 1995-09-01 | 8.3 KB | 334 lines

************************************* * * * Sentry 2.2 Initialization file * * * ************************************* [ Sentry V2.2 ] * PassFile * * This contains the location of the password file. The password file * should be kept somewhere safe, tucked away from prying eyes. * NOTE: You should change the name of the file from Sentry.pwd to some * other, inconspicuous name. Potential intruders will search for the * Sentry.pwd file. You can hide it under misleading names such as * file_id.diz, chklist.ms, warm.com etc etc. * * Default: * PassFile=c:\Sentry\Sentry.pwd PassFile=c:\Sentry\Sentry.pwd * LogFile * * This contains the location of the log file. The log file * should also be hidden away in the same manner described above. * * Default: * LogFile=c:\Sentry\Sentry.log LogFile=c:\Sentry\Sentry.log * MinPasswordLen * * Sets the minimum length for passwords and logins. * NOTE: A value of 4 should be the absolute minimum for MinPasswordLen. * A value of 5 or 6 would be even better. Short passwords are much * easier to stumble across since less attempts have to be made before it * is guessed. * * Default: * MinPasswordLen=4 MinPasswordLen=4 * MaxPasswordLen * * Sets the maximum length for passwords and logins. * * Default: * MaxPasswordLen=15 MaxPasswordLen=15 * MaxTries * * Sets the maximum times a user can attempt to log in before being * locked out. * NOTE: This should not be set too high. It is very rare for a * legitimate user to botch a login attempt 3 times in a row. A potential * intruder will usually have to make many attempts before getting * anywhere. Setting MaxTries to around 3 will slow him down greatly, as * he will have to reset after 3 failed attempts. * * Default: * MaxTries=3 MaxTries=3 * WaitTime * * Sets the delay in seconds to wait after the user fails to log in. * NOTE: Setting the WaitTime to 3 or above greatly slows any methodical * attempt to guess or discover passwords. It offers little inconvenience * to the end users while providing added security. * * Default: * WaitTime=3 WaitTime=3 * SetPassKey * * Sets the "key" to enter as a password to change passwords. * * Default: * SetPassKey=passwd SetPassKey=passwd * PasswordExpiresIn * * Sets the number of days a password is good before it expires. * NOTE: It is a good idea to have PasswordExpiresIn set to between 180 * and 365. Anything over a year is a security risk due to age. * Anything under half a year is a risk because people will tend to * forget their passwords and start writing them down. This setting * should depend on how busy your system generally is. * * Default: * PasswordExpiresIn=365 PasswordExpiresIn=365 * WrongPassword * * This sets the message to be displayed when a user enters the wrong * password. * NOTE: It is a good idea to keep WrongPassword and WrongLogin the same. * Otherwise, a potential intruder will know when he has found an account * (IE: If Sentry responds with "Invalid Password" he knows the login was * correct). Keeping the two the same prevents an attacker from knowing * if he even has the correct login. * * Default: * WrongPassword="Invalid Login." WrongPassword="Invalid Login." * WrongLogin * * This sets the message to be displayed when a user enters the wrong * login. * * Default: * WrongLogin="Invalid Login." WrongLogin="Invalid Login." * PasswordLength * * This sets the message to be displayed when a user enters a password of * invalid length. * NOTE: It is also wise to keep PasswordLength and LoginLength the same * as WrongPassword and WrongLogin. This will prevent a potential * attacker from knowing how long a password or login is set to be on * your system. (Knowing the length of a password can greatly decrease * the amount of time required to crack it). * * Default: * PasswordLength="Invalid Login." PasswordLength="Invalid Login." * LoginLength * * This sets the message to be displayed when a user enters a login of * invalid length. * * Default: * LoginLength="Invalid Login." LoginLength="Invalid Login." * LogWrongPassword * * This sets the message to be saved to the log file when a user enters * the wrong password. * * Default: * LogWrongPassword="User entered the wrong password." LogWrongPassword="User entered the wrong password." * LogWrongLogin * * This sets the message to be saved to the log file when a user enters * the wrong login. * * Default: * LogWrongLogin="User entered the wrong login." LogWrongLogin="User entered the wrong login." * LogPasswordLength * * This sets the message to be saved to the log file when a user enters a * password of invalid length. * * Default: * LogPasswordLength="Invalid Password Length." LogPasswordLength="Invalid Password Length." * LogLoginLength * * This sets the message to be saved to the log file when a user enters a * login of invalid length. * * Default: * LogLoginLength="Invalid Login Length." LogLoginLength="Invalid Login Length." * Windows * * The Windows flag is set if you wish to run Sentry from Windows. * Technically, this allows Sentry to open up a DOS shell after a * successful login. Setting this option to 1 has no effect on normal * use, and is not a security risk. * (0=Do Not Run In Windows, 1=Run In Windows) * * Default: * Windows=1 Windows=1 * ShowTitle * * This determines if the intro screen is displayed or not. You may * choose not to display the title information if you don't want users to * know what program you are using. On the other hand, the registration * information sould be displayed for authenticity's sake. I have added * this option because security comes before all else. * (0=Not Displayed, 1=Displayed) * * Default: * ShowTitle=1 ShowTitle=1 * DateFormat * * This will allow you to have dates displayed in different formats. Some * people prefer different formats than others, so this will allow you * to define the way dates are displayed. * (0=MM/DD/YYYY, 1=DD/MM/YYYY) * * Default: * DateFormat=1 DateFormat=1 * CaseSensitive * * This sets the case sensitivity. If "Case Insensitive" is selected, * "Sentry" "sentry" and "SENTRY" are all treated as the same at the * login prompt. If case sensitivity is enabled, the three are all * treated as different logins. * (0=Case Sensitive, 1=Case Insensitive) * NOTE: Using "Case Insensitive" reduces the number of allowable logins, * and increases the probability of an attacker getting a correct login. * Still, some people find it easier to work with Case Sensitivity off. * * Default: * CaseSensitive=0 CaseSensitive=0 * Colour * * This determines if colour will be displayed by Sentry or not. Some * laptop users may wish to use the black and white setting for better * readability. * (0=Black and White, 1=Colour) * * Default: * Colour=1 Colour=1 * COLOURS: * * 0 - Black * 1 - Blue * 2 - Green * 3 - Cyan * 4 - Red * 5 - Magenta * 6 - Brown * 7 - Light Gray * 8 - Dark Gray * 9 - Light Blue * 10 - Light Green * 11 - Light Cyan * 12 - Light Red * 13 - Light Magenta * 14 - Yellow * 15 - White * TextColour * * You can set TextColour to the value of the colour you wish normal text * to appear in. Colour values are shown in the chart above. * * Default: * TextColour=15 TextColour=15 * TextBackground * * You can set TextBackground to the value of the colour you wish normal text * to have as a background. Colour values are shown in the chart above. * * Default: * TextBackground=0 TextBackground=0 * HighColour * * You can set TextColour to the value of the colour you wish highlighted * text to appear in. Colour values are shown in the chart above. * * Default: * HighColour=14 HighColour=14 * HighBackground * * You can set HighBackground to the value of the colour you wish * highlighted text to have as a background. Colour values are shown in the * chart above. * * Default: * HighBackground=4 HighBackground=4 * InvalidLogins * * This sets the default number of consecutive invalid logins possible * before an account is locked out. Only a SuperUser can subsequently * unlock an account. * * Default: * InvalidLogins=10 InvalidLogins=10