[pubcookie-users] Pam for ever!
Maurizio Marini
maumar at datalogica.com
Fri Apr 15 02:43:29 PDT 2005
On Friday 15 April 2005 11:15 am, caleb racey wrote:
> Hi folks
>
> Have been asked about monitoring pubcookie to ensure that people aren't
> dictionary attacking to try and crack username password stores. Tools
In relation to this field, i would add my experience: i have (some years ago)
hacked pubcookie to use pam_ldap, with all pam features; between them:
password expiring (pam accounting), password change, pam_crack and pam_tally;
i think that pam_tally is a good enhancement against attacks like in your
post; i would add (my very modest opinion) that pam authentication should be
a must for pubcookie, generally speaking!
Maurizio
--
Maurizio Marini GSM +39-335-8259739
Fano: +39-0721-855285 Milano +39-02303123406
S. Costanzo: +39-0721950396 IAXTel: (700) 350-1234
Crashing is the only thing windows does quickly.
More information about the pubcookie-users
mailing list