gdm Create User
Nicolas Mailhot
nicolas.mailhot at laposte.net
Sun Oct 7 14:37:55 UTC 2007
Le dimanche 07 octobre 2007 à 10:00 -0400, Steve Grubb a écrit :
> A successful account breach requires 3 things: a machine name, a valid
> account, and the password. Letting people know that an account is valid cuts
> the attack down to a dictionary attack.
However account names are terribly predictible anyway, so hiding them
helps little. Script kiddies routinely scan ssh ports with common
surnames, hoping to find accounts with no passwords.
Also a lot of people use account names in public mails, so…
--
Nicolas Mailhot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20071007/c2b9f8d9/attachment-0002.bin
More information about the devel
mailing list