cross-platform virus
John
dingo at coco2.arach.net.au
Mon Apr 10 11:33:12 BST 2006
Alan McKinnon wrote:
>>I suppose you want combinations of uppercase, lowercase, numerals
>>and special characters that people can't recall so they write them
>>down?
>
>
> Not necessarily. Just not short passwords, or something that's derived
> from the username or other similar mistakes. Some uppercase is a good
> idea though; to use your example below, few people will have a
> problem remembering AlmaPerth
Sure, tho I don't think it adds much...
>
>>Just stop dictionary accounts, it's way easier. Let people have
>>passwords they can remember, they don't have to be actual words. I
>>imagine Alan could easily recall almaperth?
>>
>>How long would it take for an attack to succeed, if the rate was
>>limited to three failures per hour?
>
>
> Longer than the real age of the universe?
>
I've just been looking at
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-7.html
_I_ control incoming ssh connexions by accepting them from only a
limited range of addresses where I'm likely to be, but for more general
use as variant this firewall rule would serve:
iptables -A FORWARD -p tcp --syn --dport 22 \
    -m limit --limit 1/h --limit-burst 3 \
    -j ACCEPT
This would allow those who mistype their password another chance or two
while making it very difficult for you to guess my password's "fred."
This doesn't help against worms or trojans tho, nor likely against
anyone else with local access.
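
An added example, not part of the original message: a small Python model of the token bucket behind "-m limit --limit 1/h --limit-burst 3", replayed over constructed SYN timestamps. It assumes that packets which do not match the rule are dropped by a later rule or the chain policy. The class and function names and the sample addresses are made up for illustration.

```python
"""Token-bucket model of `-m limit --limit 1/h --limit-burst 3` (added example)."""


class LimitMatch:
    """Integer-credit token bucket; one unit of credit per second elapsed."""

    def __init__(self, interval_s=3600, burst=3):
        self.cost = interval_s            # credit one match consumes
        self.cap = interval_s * burst     # bucket starts full at the burst size
        self.credit = self.cap
        self.prev = None                  # arrival time of the previous packet

    def matches(self, now):
        """Return True if a packet arriving at `now` (seconds) matches the rule."""
        if self.prev is not None:
            self.credit = min(self.cap, self.credit + (now - self.prev))
        self.prev = now
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True
        return False                      # falls through (assumed: dropped later)


def replay(events, **kw):
    """Run (time, source) SYNs through ONE bucket: the rule has no per-source match."""
    rule = LimitMatch(**kw)
    return [(t, src, rule.matches(t)) for t, src in events]


def accepted_in(duration_s, every_s, **kw):
    """Count accepted SYNs from a steady stream of one SYN every `every_s` seconds."""
    rule = LimitMatch(**kw)
    return sum(rule.matches(t) for t in range(0, duration_s, every_s))


# Constructed sample: SYNs to port 22 from two documentation-range addresses.
SAMPLE = [(0, "198.51.100.7"), (10, "198.51.100.7"), (20, "198.51.100.7"),
          (30, "198.51.100.7"), (600, "192.0.2.10"), (3700, "192.0.2.10")]

if __name__ == "__main__":
    for t, src, ok in replay(SAMPLE):
        print(f"t={t:>5}s {src:<13} {'ACCEPT' if ok else 'no match'}")
    print("accepted in 24h at 1 SYN/min:", accepted_in(86400, 60))
```

The bucket is shared by every client, so the second address is refused at t=600s because the first one used the burst, and is only let in once an hour's worth of credit has built up again.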