Re: RFC: changes to default password strength checks in pam_unix
ma, 2007-09-03 kello 23:40 -0400, John Kelly kirjoitti:
> On Sep 3, Lars Wirzenius wrote:
> >That is arguably better than having passwords which can be guessed by
> >doing brute-force attackes over ssh.
>
> I stop brute force attacks by sending auth log messages to a FIFO which I
> read with a perl script. After 10 login failures, your IP is firewalled for
> 24 hours.
>
> Works great.
I'm sure it does work great. Can you work on making sure it is the
default in lenny if openssh-server is installed?
--
Talk is cheap. Whining is actually free.
Reply to: