Re: [courier-users] How to track failed authentication attempts?

Michelle Konzack Tue, 15 Feb 2011 15:34:48 -0800

Hello Alessandro Vesely,

Am 2011-02-15 11:57:34, hacktest Du folgendes herunter:
> Ipqbdb has similar functionality --Linux only.  Neither of them would
> resist against distributed attacks, though.


Why?  If you get three failure per IP in a certain time it is blocked...

I use "fail2ban" to get rid of more then 10.000 attempts per day in form
of dictionary attacks (most of them try arround 200  login  attempts  in
serie)

> Built-in tarpit works well against timid attackers.  Determined
> crackers quickly reach the maximum connection limit and may hold it
> indefinitely.  I hope we'll have refined better countermeasures by the
> time well crafted attacks will come.  For example, we could block
> logins, from any IP address, for users affected by more than N failed
> logins since the last password change.

You mean you want to count and store the failures over years?

I have not changed my password since more then 10 years  because  it  is
too complex to become hacked  :-D  but I have mistyped my password  many
times because it is very long...  If peoples  sitting  byside  me,  they
where never able to memorize it...  Hahaha!

Thanks, Greetings and nice Day/Evening
    Michelle Konzack

-- 
##################### Debian GNU/Linux Consultant ######################
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsystems@tdnet France EURL       itsystems@tdnet UG (limited liability)
Owner Michelle Konzack            Owner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz                 Kinzigstraße 17
67100 Strasbourg/France           77694 Kehl/Germany
Tel: +33-6-61925193 mobil         Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

<http://www.itsystems.tamay-dogan.net/>  <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/>         <http://www.can4linux.org/>

Jabber [email protected]
ICQ    #328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/

signature.pgp
Description: Digital signature

------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb

_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] How to track failed authentication attempts?

Reply via email to