|
|
|
| Digg |
|
|
|
Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.
When users are allowed to choose passwords of their own volition, they often choose something fairly weak, like the name of a friend or pet. This predictable human behavior is something that the bad guys relish.
All an attacker needs to do is set up a loop of login attempts that references a dictionary list of passwords. After all, chances are very slight that the user has set up a password like 4G&dP9a! for the account under attack.
|
|
|
| Related Articles | |
|---|---|
| KTools: Spam Filter | Removing spam mail with CRM114 and KMail |
| Wireless Secrets | Safe WLAN Networking with an Encrypted OpenVPN Tunnel |
| BORDERLESS AND BARRIER FREE | Gnome 2.22 overview |
| SPECIAL DELIVERY | Asynchronous delivery with WS-Addressing |
| THE WAY OF THE RAY | Enterprise Collaboration with Liferay |
| WATCHDOG | Better protection with Apache’s ModSecurity module |
| Rikki's Open Source Exchange |
|---|
|
Stop by Rikki's Open Source Exchange for dispatches from the world of women in open source.
Rikki Kite examines the experience of women across the spectrum of open source – |
Comments