[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: changes to default password strength checks in pam_unix

ma, 2007-09-03 kello 23:40 -0400, John Kelly kirjoitti:
> On Sep 3, Lars Wirzenius wrote:
> >That is arguably better than having passwords which can be guessed by
> >doing brute-force attackes over ssh.
> I stop brute force attacks by sending auth log messages to a FIFO which I 
> read with a perl script. After 10 login failures, your IP is firewalled for 
> 24 hours.
> Works great.

I'm sure it does work great. Can you work on making sure it is the
default in lenny if openssh-server is installed?

Talk is cheap. Whining is actually free.

Reply to: