Re: Have I been hacked?
On Wed 14 Jan 2015 at 18:52:06 +0900, Joel Rees wrote:
> 2015/01/13 5:17 "Brian" <ad44@cityscape.co.uk>:
> >
> > strikes me as a pretty good one for an ssh login. (I have capitalised
> > some letters for readability, not to add complexity). Personally, I find
> > it easy to remember and associate with ssh and my account. I cannot see
> > why it is not a good password for me.
>
> Just remember that fail2ban only does temporary tarpitting, and only if the
> attacks are repeated to quickly.
How about
http://whyscream.net/wiki/index.php/Fail2ban_monitoring_Fail2ban#Warning:_pick_the_right_jail
> > The automated probes wouldn't get close to cracking it.
>
> Think of a bot farm continuously hitting a crowd of targets, once a second,
> cycling through spoofed IPs, using informed strategies instead of pure
> brute force. If they can spoof one IP, they can spoof another.
Does this increase the number of connections per second?
> > The danger might
> > be a directed attack - from friends, associates, colleagues etc. If they
> > knew about my fixation on Lewis Carroll they might have a go at breaking
> > in.
>
> If they think you have something they want, people you don't know will find
> out about your interests. Blog posts, posts here, etc.
500,000.000 million on the internet at least. It's not my turn yet.
> > Actually, it would be ok as a password for banking access too. There
> > surely cannot be a banking site which does not take action after a
> > number of failed logins. Maybe not using fail2ban, but a similar
> > approach which protects both parties.
>
> Means you end up going to the bank in person, to get the lock removed.
The telephone?
People would be heavily critical if a bank did not take steps to monitor
logins and act on unusual activity.
> Banks aren't perfect, though. You could come to considerable trouble
> should, for instance, a bank employee decide to do a little investigating
> passwords in her spare time, without permission.
>
> But it's your bank account. Go for it.
I have no knowledge or control over what goes on in a bank, Why lose
sleep over worrying about it?
Reply to: