Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Password policy publication
From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Tue, 28 Oct 2008 09:32:10 -0500

At 09:26 AM 10/28/2008, Shalla, Kevin put fingers to keyboard and wrote:
Doesn't this require stealing the password file, so that you can run the
brute-force attack?  Or are we protecting from sysadmins who already have
access to the password file?

Not really...I've seen brute force attempts many times in my logs.
You just try common passwords, and hope for the best.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]