On Wed, Apr 25, 2001 at 03:36:28PM +0200, Karsten W. Rohrbach wrote:
oh yes it is in control of at least the process it calls directly
(qmail-popup) which terminates nonzero on auth error
Yeah, it exits nonzero at auth error and it exists nonzero in any other
case.
See my post (to qmail list)
Kittiwat Manosuthi [EMAIL PROTECTED] writes:
Anybody know how to delay failed authentication attempts to prevent
brute force pwd cracking on POP3 server using qmail vpopmail?
You might be able to do this via PAM, if you have a checkpassword that
supports PAM (available from www.qmail.org):
On Wed, Apr 25, 2001 at 03:12:31AM +0200, Karsten W. Rohrbach wrote:
maybe add it to tcpserver?
tcpserver ist not in control of checkpassword and has no knowledge
of corrrect/incorrect user:password pairs.
The solution I would like most (and which would be rather flexible and
also working with
Markus Stumpf([EMAIL PROTECTED])@2001.04.25 14:38:38 +:
On Wed, Apr 25, 2001 at 03:12:31AM +0200, Karsten W. Rohrbach wrote:
maybe add it to tcpserver?
tcpserver ist not in control of checkpassword and has no knowledge
of corrrect/incorrect user:password pairs.
oh yes it is in control
On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote:
Anybody know how to delay failed authentication attempts to prevent
brute force pwd cracking on POP3 server using qmail vpopmail?
That is completely useless, because of concurrency.
Greetz, Peter.
On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote:
Anybody know how to delay failed authentication attempts to prevent
brute force pwd cracking on POP3 server using qmail vpopmail?
IMHO not out of the box.
But you surely could construct something in checkpassword that uses
a
Markus Stumpf([EMAIL PROTECTED])@2001.04.24 19:47:37 +:
On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote:
Anybody know how to delay failed authentication attempts to prevent
brute force pwd cracking on POP3 server using qmail vpopmail?
IMHO not out of the box.
But
Well.. that's probably the way to go. Unfortunately, it's getting out of
my league now. Anyone think this is an interesting thing to do?
-Kittiwat
From: Karsten W. Rohrbach [EMAIL PROTECTED]
Markus Stumpf([EMAIL PROTECTED])@2001.04.24 19:47:37 +:
On Tue, Apr 24, 2001 at 11:48:09AM
Anybody know how to delay failed authentication attempts to prevent
brute force pwd cracking on POP3 server using qmail vpopmail?
Sorry for cross posting.
Thanks
-kittiwat