Thanks for all good advices. I basically concern all security issue. That is why I use TSL after my host was hacked 6 months ago. Protecting my data is the first priority. Any good techniques are welcome. Also, I wonder if basic setup of TSL is vulnerable to password cracking.
Thanks a lot. On 6/22/05, Matthias Subik <[EMAIL PROTECTED]> wrote: > > On 22.06.2005, at 10:48, Vidar Tyldum Hansen wrote: > > VoIP wrote: > How can an user account be disabled after 3 login tries? I am using SSH. > > So that if I happen to know where your box is and one of the lusers on > it (say root) I can do a denial of service attack? > Read through pam development, there are lots of source code out there that > might do what you want, > but as Vidar already noted, I would be concerned to open your box to a > denial of service attack. > > You could think about what is worse, > beeing locked out as a legitimate user, or beeing locked out b/c of a short > term memory loss, > > alternatively having somebody trying dictionary passwords, but if you allow > only cracklib check passwords for your users, that would fail ultimately. > > just my two cents > matthias > > _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
