Or you could enable AREA and pass all of the authentication to an external app that does a better job of locking out brute force attempts
-----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Lee Phillippi Sent: Wednesday, January 17, 2007 9:58 AM To: [email protected] Subject: Re: Remedy Vulnerability You need 7.0 mid tier and AR server to be secure. Previous versions are a joke. The error message tells you if the account exists and they allow unlimited attempts to hack the password. 7.0 was developed to meet government requirements. You need both 7.0 mid tier and 7.0 AR server. You can't upgrade just one or the other and be secure. ____________________________________________________________________________ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
