
Spotlight \| Reviews \| Current Issue \| Newsletter \| Subscribe \| Contact \|

News

Features

Blogs

RSS Feeds

White Papers

Conference Videos

Departments

Resources

Current Issue

Special Editions

Spotlight

Reviews

LUGs

Event Calendar

The sys admin’s daily grind: WebCalendar

BANNING BRUTES

Author(s): CHARLY KÜHNAST

Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

When users are allowed to choose passwords of their own volition, they often choose something fairly weak, like the name of a friend or pet. This predictable human behavior is something that the bad guys relish.
All an attacker needs to do is set up a loop of login attempts that references a dictionary list of passwords. After all, chances are very slight that the user has set up a password like 4G&dP9a! for the account under attack.

Read full article as PDF »

Comments

Digg

Wherever you go...

...Linux Magazine goes with you!

Check out the advantages of a Digital Subscription:

Access articles by downloading PDFs,
find the Linux solutions you need with an easy keyword search,
maintain your own paperless archive...

more...

In the US and Canada, Linux Magazine is known as Linux Pro Magazine.
Entire contents © 2008 [Linux New Media USA, LLC]
Linux New Media web sites:
North America: [Linux Pro Magazine]
UK/Worldwide: [Linux Magazine]
Germany: [Linux-Magazin] [LinuxUser] [EasyLinux] [Linux-Community] [Linux-Nachrichten] [Linux Events]
Eastern Europe: [Linux Magazine Poland] [Linux Community Poland] [Darmowe Programy Poland] [Open Source DVD Poland] [Linux Magazin Romania]
International: [Linux Magazine Brazil] [Linux Magazine Spanish]
Corporate: [Linux New Media AG]