On Wed, Feb 13, 2002 at 07:06:56AM +0000, [EMAIL PROTECTED] wrote: > Anyone out there who can tell me, if its possible > to limit the attempts to authentificate to popper, > in that way if too many user / pass commands are send > vi telnet port 110, popper kills the connection or refuses > to accept more login retries for this session ?
Qpopper only allows a single user/password attempt per connection, and provides a fairly long timeout before responding with a error message on an authentication failure. It responds to any username as if potentially valid (whether or not it exists) with a password prompt to avoid leaking info about which accounts really exist. It will also syslog the message "Possible probe of account xxxxxx." if a connection quits at the password prompt. However, it does not keep enough history to detect repeated unsuccessful attempts to login to the same account via a dictionary attack. If you invoke qpopper via inetd or xinetd, your version of that program should allow you additional rate limiting on connections from a single IP. -- Clifton -- Clifton Royston -- LavaNet Systems Architect -- [EMAIL PROTECTED] WWJD? "JWRTFM!" - Scott Dorsey (kludge) "JWG" - Eddie Aikau
