The sys admin’s daily grind: WebCalendar

BANNING BRUTES

Author(s): CHARLY KÜHNAST

Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

When users are allowed to choose passwords of their own volition, they often choose something fairly weak, like the name of a friend or pet. This predictable human behavior is something that the bad guys relish.
All an attacker needs to do is set up a loop of login attempts that references a dictionary list of passwords. After all, chances are very slight that the user has set up a password like 4G&dP9a! for the account under attack.

Our Services

Read full article as PDF » Charlys_Column.pdf (94.55 kB)

comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF » Charlys_Column.pdf (94.55 kB)

News

FSF Outs the World Wide Web Consortium over DRM Proposal

Richard Stallman calls for the W3C to remain independent of vendor interests.
Debian 7.0 Debuts

The new release supports nine architectures, 73 human languages, and zero non-Free components.
Alpha Version of Fedora 19 Released

Fedora developers release the first alpha version of Fedora 19, known as Schrödinger’s Cat, for general testing. The final release is expected in July 2013.
ack 2.0 Released

ack is a grep-like, command-line tool that has been optimized for programmers to search large trees of source code.
SUSE Studio 1.3 Released

SUSE

New features in SUSE Studio 1.3 include enhanced cloud integration, VM platform support, and lifecycle management.
Xen To Become Linux Foundation Collaborative Project

AMD , Citrix , google , Intel , Oracle

The Linux Foundation recently announced that the Xen Project is becoming a Linux Foundation Collaborative Project.
RunRev Releases Open Source Version of LiveCode

Android , linux , Mac , Windows

Open source version of LiveCode is now available for developing apps, games, and utilities for all major platforms.
OpenDaylight Project Formed

Citrix , IBM , Microsoft , Red Hat , VMware

OpenDaylight is an open source software-defined networking project committed to furthering adoption of SDN and accelerating innovation in a vendor-neutral and open environment.
Gnome 3.8 Released

Gnome , ownCloud

The new Gnome release includes privacy and sharing settings, allowing more user control over access to personal information.
Mozilla and Samsung Collaborate on New Browser Engine

Mozilla , samsung

Mozilla is collaborating with Samsung on a new web browser engine called Servo.