Displaying 1 result from an estimated 1 matches for "min_login_time".
2008 Jun 12
2
Request for added functionality - tracking and blocking attacks
...ogin attempts from
blacklisted IP addresses, but would simply fail them all, even if
a valid username/password pair was sent. This would serve to tie
up the attacker without offering any chance of a break in by a lucky
password guess.
8. Lastly, in order to bog down the attacker even further,
MIN_LOGIN_TIME seconds
would set the minimum time for a response to a login attempt.
The default would be 0 seconds. For remote servers, which only
need to be accessed via ssh for administration on rare occasions, this
might be set to 10, 20, or even 60 seconds.
An argument could be made that most of this blac...