cross-platform virus
Alan McKinnon
alan at linuxholdings.co.za
Mon Apr 10 09:09:54 BST 2006
On Monday 10 April 2006 03:33, John wrote:
> > Want an even better system? Don't use sudo, use su, and disable
> > all root logins. Then you need to crack one username and *two*
> > passwords.
> >
> > Then configure pam to require a really really strong root
> > password following the usual rules for that kind of thing.
>
> I suppose you want combinations of uppercase, lowercase, numersla
> dn special characters that people can't recall so they write them
> down?
Not necessarily. Just not short passwords, or something that's derived
from the username or other similar mistakes. Some uppercase is a good
idea though; to use your example below, few people will have a
problem remembering AlmaPerth
> Just stop dictionaty accounts, it's way easier. Let people have
> passwords they can remember, they don't have to be actual words. I
> imagine Alan could easily recall almaperth?
>
> How long would it take for an attack to succeed, if the rate was
> limited to three failures per hour?
Longer than the real age of the universe?
--
If only you and dead people understand hex,
how many people understand hex?
Alan McKinnon
alan at linuxholdings dot co dot za
+27 82, double three seven, one nine three five
More information about the sounder
mailing list