magick.crow at gmail.com
Wed Jan 14 06:43:18 UTC 2009
> This is not as big a deterrent as you think. A typical 'brute force'
> attack nowadays is usually 6 to seven tries an IP over the course of
> weeks or months. This does two things, it narrows down potential
> usernames (and passwords) and makes it harder to protect against.
> That's why I use fail2ban. Most users don't change passwords often (or,
> indeed at all) so this type of attack is more successful than you would
> think. Granted using strong passwords helps but no matter how strong it
> is, if you don't change it regularly, it'll get hacked.
> Mark Haney
> <mhaney at ercbroadband.org>
I keep reading this bit about users not changing passwords. I am sure it is
true but Linux has options that are very easy to use that forces the users
to pick new passwords after a set amount of time. Why not just use this?
Douglas E Knapp
Amazon Gift Cards; let them choose!!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-users