Displaying 4 results from an estimated 4 matches for "unguess".
Did you mean:
guess
2005 Jun 29
1
sshd_config parameter to deal with multiple failed logins
Does anyone know if there are plans to give sshd the ability to block
further login attempts from a particular IP address/block after a set
number of failed logins? I'm sure lots of other admins have seen their
system logs full of attempts by hackers probing with lists of sample
usernames. I know there is a Python script which uses TCP wappers to
achieve this by editing
1998 Mar 11
4
Re: Towards a solution of tmp-file problems
...mlink that has the "${" sequence
embedded.
Randolph Bentson (bentson@grieg.holmsjoen.com) wrote:
> The "link" operation is atomic and fails even for root if the
> destination exists. It''s a rather simple matter to create a file in
> /tmp with an effectively unguessable name (using /dev/urandom and
> other such) before attempting a link to the desired file name.
1) This isn''t as easy for things like shell scripts that need a
temporary file.
2) It doesn''t follow the rule "what should be easy actually IS easy".
A program that does...
2006 Jun 04
8
hashed password, send reminder email...impossible?
Is it possible to somehow send an email containing the user password if
it is stored as a md5 hash in the database?
Is it stupid to save the passwords as clear text strings in the db? Its
a web shop.
A workaround would be to generate a new password and send it to the
user. If the user then want to, he may change to another password.
Any other thoughts on this?
//D
--
Posted via
1999 Nov 27
1
Re: Programming ...
...chroot
> system. Chroot protects against nonprivilidged users acessing the
> rest of the system, not against root-users.
4. Use inetd.conf and tcp wrappers to enable only certain hosts access
to your program's output so the whole world does not get a crack at it.
5. Set up a good unguessable (random) method of authentication so that
remote programs can't easily guess the next proper move before you
program does something potentially harmful.
>>From cryptography: Assume that the adversary knows the mechanism, but
>not the passwords/keys. So: Use a password or somethin...