Is this a reasonable approach?
Andy Armstrong
andy at hexten.net
Wed Jan 5 11:48:18 UTC 2005
Andy Armstrong wrote:
> The module is complete and working now. It successfully rejects auth
> attempts from hosts that are responsible for excessive authentication
> failures according to a configurable set of rules.
Incidentally I assume this is what people are using for their attacks:
http://packetstormsecurity.nl/filedesc/hydra-4.5-src.tar.html
Its signature in terms of the timing of login attempts is the same as
the real attacks I've been seeing. It's also quite useful for stress
testing pam_abl :)
--
Andy Armstrong
More information about the Pam-list
mailing list