[BlueOnyx:08867] Re: Login manager not responsive on non valid usernames?
Barry Mishkind
barry at oldradio.com
Wed Oct 19 22:09:14 -05 2011
At 05:56 PM 10/19/2011, Michael Stauber wrote:
>Hi Barry,
>
>> How many attempts will it allow? I had
>> one a couple of weeks ago that tried
>> a dictionary attack and it ran 1700 tries.
>
>You can configure that in the GUI. After 30 failed attempts in one hour (this
>is the default) it will still accept connections from the offending host. But
>even if that host then uses a valid username and password, he will still be
>denied access and gets "incorrect password" as response.
Thank you. I'm sure I am on the "default" ...
although I do see that if you miss a password
login three or four times, it goes in hosts.deny
>PAM_ABL doesn't generate firewall rules or therelike. It simply sits on top of
>the authentication mechanism PAM, which pretty much all services use.
Understood.. thanks for the clarification ...
barry
More information about the Blueonyx
mailing list