Date: 29 Jul 2004 08:56:58 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Redmond Militante <r-militante@northwestern.edu> Cc: freebsd-questions@freebsd.org Subject: Re: limit login attempts with pam Message-ID: <448yd3ug2t.fsf@be-well.ilk.org> In-Reply-To: <20040727151610.GA2790@darkpossum> References: <20040727151610.GA2790@darkpossum>
next in thread | previous in thread | raw e-mail | index | archive | help
Redmond Militante <r-militante@northwestern.edu> writes: > hello > > i'm interested in configuring PAM on my 4x system so that a user is locked out of ignored if trying to log in unsuccessfully via ftp within the space of a minute or so. i'm trying to eliminate brute force attacks... > > > can anyone point me towards some good tutorials on how to do this? Good tutorials? I don't know, but there is source for the pam_tally module included in the tree on my -STABLE machine. Think it over carefully before enabling this kind of capability, though; you may be making brute force attacks somewhat harder, but a denial-of-service attack on specific users will become trivial. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org:8088/~lowell/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?448yd3ug2t.fsf>