Intrusion Update
Damian Myerscough
damian.myerscough at gmail.com
Mon Mar 30 15:15:21 UTC 2009
Opps Sorry I didn't check the link Susmit posted.
susmit shannigrahi wrote:
>> So I'm not quite sure how to 'fix' this problem. By that I mean, even if
>> we knew this attack was going to happen I'm not totally sure of a feasible
>> solution, using only free software, that we could have used to fix it.
>> Obviously a physical rsa key or the like would have worked but I don't
>> think we have the manpower nor budget to implement such a system. So I
>> ask the list, any ideas?
>
> A single use random code/passwd mailed/texted each time one tries to
> login and invalidated just after use??
>
> Basically I am referring to RFC 2289[1]
>
> [1]http://www.ietf.org/rfc/rfc2289.txt
>
> Thanks.
>
--
Regards,
Damian Myerscough
More information about the Fedora-infrastructure-list
mailing list