Gentoo Archives: gentoo-user

From: Frank Schafer <frank.schafer@×××××××××.cz>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Forgotten root password on remote system
Date: Fri, 26 Aug 2005 14:13:31
Message-Id: 1125065256.5828.11.camel@localhost.localdomain
In Reply to: Re: [gentoo-user] Forgotten root password on remote system by Fernando Meira
On Fri, 2005-08-26 at 09:45 +0000, Fernando Meira wrote:
> On 8/26/05, Frank Schafer <frank.schafer@×××××××××.cz> wrote:
> IYpi3tbduwbfwm
>
> Such a password can't be cracked by brute force.
>
> ... and it's easy to remember.
>
> If Your password is 3 times better, don't use words brute force won't matter.
>
> Well.. that just depends on how strong the password was! A brute-force
> attack would get there.. sooner or later!! For being sooner than
> later, the idea was to provide the attack with accurate
> characteristics of the password: number of chars, alphanumeric, upper
> and lower-case.. and such things..
>

Hmmm, I think the example password should be strong enough but You are
right. Sooner or later it will come in (if sooner is something amongst
some hundreds of years and later something amongst some thousands ;)
BTW: There isn't only the password. There are log analyzers too.
Let such an analyzer catch auth failure - say 20 times within less than
half an hour - for root remote, then it can block access from this IP,
if it catches local auth failure for root - 20 times within less than
half an hour - it can log out the user (kill his login shell) and block
the account. Mine does so. Well, in this case the sooner is something
amongst some millions of years and the later something amongst some
trillions.
... but this already goes into the direction of IDS.

--
gentoo-user@g.o mailing list
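
The remote half of the rule described in the message above (20 failed root logins from one IP within half an hour leads to a block), as an added example that is not part of the original post and is not the poster's own analyzer. It assumes OpenSSH-style syslog lines and an assumed year; the log lines, host name and documentation-range IP addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 20                  # failures, the figure used in the post
WINDOW = timedelta(minutes=30)  # "less than half an hour"

# Assumed OpenSSH-style syslog line for a failed remote root login.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for root from (?P<ip>\S+) port \d+")

def parse(line, year=2005):
    """Return (timestamp, source IP) for a failed root login, else None."""
    m = FAIL_RE.match(line)
    if m is None:
        return None
    # Syslog timestamps carry no year, so one is assumed.
    return datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"), m["ip"]

def ips_to_block(lines, threshold=THRESHOLD, window=WINDOW):
    """Map each offending IP to the time its failure count hit the threshold."""
    recent = defaultdict(deque)  # ip -> failure times still inside the window
    blocked = {}
    for line in lines:
        hit = parse(line)
        if hit is None or hit[1] in blocked:
            continue
        ts, ip = hit
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:  # forget failures older than the window
            q.popleft()
        if len(q) >= threshold:
            blocked[ip] = ts  # the caller would add the firewall rule here
            del recent[ip]
    return blocked

def sample_log():
    """Constructed input: a fast guesser, a slow one, and a successful login."""
    t0 = datetime(2005, 8, 26, 14, 0, 0)
    fmt = "{:%b %d %H:%M:%S} host sshd[4242]: Failed password for root from {} port 40000 ssh2"
    fast = [fmt.format(t0 + timedelta(seconds=30 * i), "203.0.113.5") for i in range(25)]
    slow = [fmt.format(t0 + timedelta(minutes=2 * i), "198.51.100.7") for i in range(25)]
    ok = ["Aug 26 14:05:00 host sshd[4243]: Accepted publickey for frank from 192.0.2.9 port 5000 ssh2"]
    return sorted(fast + slow + ok)  # same day, so string order is time order

if __name__ == "__main__":
    print(ips_to_block(sample_log()))
```

The source that guesses every two minutes never has more than 15 failures inside any half-hour window, so it stays under the threshold: the rule slows guessing down to that rate rather than stopping it.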

Replies

Subject Author
Re: [gentoo-user] Forgotten root password on remote system Fernando Meira <fmeira@×××××.com>
Re: [gentoo-user] Forgotten root password on remote system William Kenworthy <billk@×××××××××.au>