The sys admin’s daily grind: WebCalendar
BANNING BRUTES
Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.
When users are allowed to choose passwords of their own volition, they often choose something fairly weak, like the name of a friend or pet. This predictable human behavior is something that the bad guys relish.
All an attacker needs to do is set up a loop of login attempts that references a dictionary list of passwords. After all, chances are very slight that the user has set up a password like 4G&dP9a! for the account under attack.
Read full article as PDF:
Charlys_Column.pdf (94.55 kB)Tag Cloud
News
-
Munich Adopts Kolab
The Bavarian capital shuns Microsoft, Google, and other alternatives to implement an open-source groupware solution.
-
Canonical Announces Ubuntu Smartphones
Phone vendor partnerships bring Mark Shuttleworth's dream of Ubuntu on a phone a step closer to reality.
-
Piviti Seeks Funding
Donors will get to vote on new features for the free video editor.
-
Debian Tech Committee Votes for systemd
Debian project puts init out to pasture and says no to Ubuntu's Upstart.
-
The Mask: Scary New Face of Internet Intrusion
Ultra-sophisticated attack tool might have originated from a state-sponsored intelligence service.
-
Epoch 1.0 Released
New alternative for init comes with a small footprint and minimal configuration.
-
Wayland 1.4 Challenges X11
X marks the target for the next-generation windowing system.
-
Red Hat Adopts CentOS
Super-clone CentOS Linux gets beamed up to the mother ship.
-
W3C Promotes Media Source Extensions
HTML technology will enable new video editing and playback options.
-
Valve Announces SteamOS Beta
New Linux distro is optimzed for gaming.