Re: Brute force attack, exponential delay for reconnect?
From: S P Arif Sahari Wibowo (arifsaha_at_yahoo.com)
Date: 05/31/05
- Previous message: David Magda: "Re: scp/sftp : how to allow GET only ?"
- In reply to: Unruh: "Re: Brute force attack, exponential delay for reconnect?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 30 May 2005 21:14:29 -0400
Unruh wrote:
> Make sure your users have good passwords. Eg make sure that cracklib
> is used to test the password. User names are assumed public knowledge.
> It is the password that is most important.
I knew that. But I am looking for some methods to slow down the attack.
Thanks though.
>>I think one good way to reduce the attack is having controllable delay
>>between reconnection from same IP. Ideally the delay should
>>exponentially increase for every failed login attempt. Is there any
>>configurations or patches that will allow such thing?
--
Stephan Paul Arif Sahari Wibowo
_____ _____ _____ _____
/____ /____/ /____/ /____
_____/ / / / _____/ http://www.arifsaha.com/
- Previous message: David Magda: "Re: scp/sftp : how to allow GET only ?"
- In reply to: Unruh: "Re: Brute force attack, exponential delay for reconnect?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
