Found, a new rootkit

Neil Cherry ncherry at comcast.net
Sat Apr 1 17:52:52 UTC 2006


John Summerfield wrote:

> There is quite a deal of well-reasoned debate about what constitutes a 
> good password.

> "bismcoles" would probably be easy for Bill Smith to remember, and would 
> certainly defy any dictionary attack. As would "bluewatermelon."

Both of these could be part of a dictionary attack. Consider most
straight plain text to be part of a dictionary attack.

> The expect package has a password generator that creates passwords like 
> this, but again they're hard to remember: "et3tUfGd."

A better example is Blu3w4terme7on, easier to remember but you need
to come up with some kind of rules for remembering it. For myself, I
prefer passphrases. I find them easier to remember, such as
mUst4rd&Tuna_F1sh. A silly example but I've used sillier. Sometimes
funnier works well (easy to remember).

> A reasonable security system would shut down the login process for a 
> time after some number of consecutive failed login attempts. It's a rule 
> that's been around for a long time, it's even in Linux, but implemented 
> poorly.

I've used pam_abl and it works quite well; it's 3 strikes (adjustable)
and you're locked. It can automatically unlock after a set amount of time
and has additional features which make it pretty flexible.

-- 
Linux Home Automation         Neil Cherry       ncherry at linuxha.com
http://www.linuxha.com/                         Main site
http://linuxha.blogspot.com/                    My HA Blog
http://home.comcast.net/~ncherry/               Backup site
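
Added example (not part of the original message): a password-change check that illustrates the point above about "bluewatermelon" and "Blu3w4terme7on". It undoes case changes and digit-for-letter substitutions and then tests whether the password is only dictionary words joined together. The wordlist, the substitution table and the function names are assumptions made for this sketch.

```python
# Added example: flag passwords that reduce to plain dictionary words.
# WORDS is a tiny constructed wordlist; a real check would load a full one.
WORDS = {"blue", "water", "melon", "watermelon", "green", "apple"}

# Digit-for-letter substitutions to undo (assumed table). A digit can stand
# for more than one letter, e.g. "7" is read as "t" or as "l".
LEET = {"0": "o", "1": "il", "3": "e", "4": "a", "5": "s", "7": "tl"}


def candidates(ch):
    """Letters that one password character may stand for."""
    ch = ch.lower()
    return LEET.get(ch, ch)


def matches(word, chunk):
    """True if chunk spells word once case and substitutions are undone."""
    return len(word) == len(chunk) and all(
        w in candidates(c) for w, c in zip(word, chunk)
    )


def dictionary_words(password, words=WORDS):
    """Return the wordlist words the password is built from, or None if it
    is not a pure concatenation of wordlist words."""
    n = len(password)
    best = [None] * (n + 1)  # best[i] = words covering password[:i]
    best[0] = []
    for i in range(n):
        if best[i] is None:
            continue  # no way to reach this offset using whole words
        for word in words:
            j = i + len(word)
            if j <= n and best[j] is None and matches(word, password[i:j]):
                best[j] = best[i] + [word]
    return best[n]


def acceptable(password):
    """Policy decision: refuse anything made only of dictionary words."""
    return dictionary_words(password) is None


if __name__ == "__main__":
    for pw in ("bluewatermelon", "Blu3w4terme7on", "et3tUfGd"):
        print(pw, "->", dictionary_words(pw))
```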



