| 1 |
Well, when one of my servers got brute forced it was 5+ computers doing it |
| 2 |
at a time in 10 second intervals... |
| 3 |
|
| 4 |
On 8/26/05, Michael Crute <mcrute@×××××.com> wrote: |
| 5 |
> |
| 6 |
> On 8/26/05, Fernando Meira <fmeira@×××××.com> wrote: |
| 7 |
> > |
| 8 |
> > |
| 9 |
> > You're lacking optimism... Of course the brute-force attack was not |
| 10 |
> > supposed to be done remotely! You can pull passwd to your local machine and |
| 11 |
> > the let your computer handle it without interruptions. If some proprieties |
| 12 |
> > of the password are known beforehand, then sooner would be a matter of hours |
| 13 |
> > and later a couple of days. This is not even putting into the game some |
| 14 |
> > distributed computing... |
| 15 |
> > |
| 16 |
> > |
| 17 |
> True, but if you use shadow to store your passwords your in much better |
| 18 |
> shape since the average hacker can't get a hold of the root owned shadow |
| 19 |
> file. |
| 20 |
> |
| 21 |
> -Mike |
| 22 |
> |
| 23 |
> -- |
| 24 |
> ________________________________ |
| 25 |
> Michael E. Crute |
| 26 |
> Software Developer |
| 27 |
> SoftGroup Development Corporation |
| 28 |
> |
| 29 |
> Linux, because reboots are for installing hardware. |
| 30 |
> "In a world without walls and fences, who needs windows and gates?" |
| 31 |
> |
Archives