Bug#751551: Reduce the default purge time for blocked hosts?

[Alex Mestiashvili]

In the new version 0.6.0 of pam-abl available in testing the default 
rule for sshd is the following:


+user_rule=*/sshd:5/1h

Do you think it is good enough as the default ?

here is the config:

http://anonscm.debian.org/cgit/collab-maint/libpam-abl.git/tree/debian/patches/update_config.patch

Thank you,
Alex


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#751551: Reduce the default purge time for blocked hosts?

[Petter Reinholdtsen]

Package:  libpam-abl
Version:  0.4.3-1
Severity: wishlist

At the moment, the default setup in /etc/security/pam_abl.conf is to
block a host for 1 day.  Why was a one day duration picked?  Would you
be willing to reduce it a bit, to for example 1 or 2 hours?

For several years, I have used denyhosts on my machines, and there I
have ended up with a 2 hour timeout, as it allow unlucky valid users
(the ones forgetting their passwords or typing the wrong one by accident
several times) a not completely unreasonable time to wait until they try
again, while still blocking all active brute force attacks.  Asking
people to wait a whole day is not going to work at least in my
environments, and would force me to manually purge entries for the
unlucky users instead of being able to trust the automatic setup.

-- 
Happy hacking
Petter Reinholdtsen


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org