The sys admin’s daily grind: WebCalendar

BANNING BRUTES

Article from Issue 84/2007
Author(s):

Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

When users are allowed to choose passwords of their own volition, they often choose something fairly weak, like the name of a friend or pet. This predictable human behavior is something that the bad guys relish.
All an attacker needs to do is set up a loop of login attempts that references a dictionary list of passwords. After all, chances are very slight that the user has set up a password like 4G&dP9a! for the account under attack.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Sshutout and Fail2ban

    Services that require a username and password for login are potential targets for dictionary attacks. Sshutout and Fail2ban introduce time penalties for invalid attempts.

    more »
  • Charly's Column

    Easy to remember but still safe – this is the classic conflict when it comes to choosing a password. The PWGen tool offers a sensible compromise.

    more »
  • Charly’s Column: w3af

    After toiling away to create a small but exclusive website, Charly wanted to run a security scanner against it to check for vulnerabilities. The choice of tools is enormous, but Charly chose w3af.

    more »
  • Charly's Column – Whowatch

    For no particular reason, Charly occasionally patrols his server farm and hunts down attackers. He has put together a neat toolbox for this job.

    more »
  • Charly's Column

    Conventional, woodpecker-style port knocking is open to sniffing and brute force knocking attacks. Sending an encrypted packet with an access request to the server is safer and more modern. Learn more about Firewall Knock Operator, a.k.a. Fwknop.

    more »
comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF:

Charlys_Column.pdf  (94.55 kB)

DevOps

News

Tag Cloud

Administration Community Events Hardware Linux Linux New Media Linux Pro Magazine Mobile Programming Software Ubuntu Web Development Windows free software open source