gdm Create User
Simo Sorce
ssorce at redhat.com
Sun Oct 7 15:52:42 UTC 2007
On Sun, 2007-10-07 at 11:43 -0400, Steve Grubb wrote:
> On Sunday 07 October 2007 11:33:45 Lubomir Kundrak wrote:
> > > A successful account breach requires 3 things: a machine name, a valid
> > > account, and the password. Letting people know that an account is valid
> > > cuts the attack down to a dictionary attack.
> >
> > So what about trying to hide the machine name?
>
> Yes that is a good thing to try, but likely to be exposed. NATs do some
> degree of protecting this. But this is really not the point of this thread.
And I really hope you don't advocate NAT as a security feature, please!
/me hates NAT and I hope nobody will be allowed to reintroduce something
like that with IPv6
> > This is plain nonsense. Time that was spent avoiding timing `attacks' was
> > wasted. The _password_ is meant to be a key that is to be hidden, not the
> > account name.
>
> No, it is both. This is why face logins are bad in a secure setting.
I think this kind of reasoning makes sense only when made in a vacuum. In
most cases the username is just too easy to find out anyway. Trying to
regard it as a secret to protect is just plain voodoo security IMO, I
concur with Lubomir on this.
> > If anything, dictionary attacks can be done against the username-password
> > pair also.
>
> Yes that is true. But not having a valid account name doubles the complexity
> and requires you to work even longer.
That is a function of username length and password length: these 2 cases
show the same complexity:
A) 8 char username + 8 char password
B) 16 char password
Want to bet the odds, make the password longer (make it a passphrase)
and stop caring about the username being public or not.
Simo.
> -Steve
>
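The search-space argument above, worked through as an added example (this is not code from the thread or from gdm). The alphabet size, the 8/16-character lengths and the 10,000-name directory used for the "guessable username" case are assumptions chosen for illustration; the functions compute log2 of the number of candidates an attacker must try, so equal bit counts mean equal brute-force cost.

```python
import math

# Assumed alphabet for usernames and passwords: [a-zA-Z0-9] (62 symbols).
# This is an illustrative choice, not a figure from the thread.
ALPHABET = 62


def search_space_bits(alphabet_size: int, length: int) -> float:
    """log2 of the number of strings of `length` symbols over `alphabet_size`."""
    return length * math.log2(alphabet_size)


def pair_bits(username_bits: float, password_bits: float) -> float:
    """Cost of guessing a (username, password) pair: the two spaces multiply,
    so their bit counts add."""
    return username_bits + password_bits


def case_a_random_username() -> float:
    """Case A from the mail: 8-char secret username + 8-char password."""
    return pair_bits(search_space_bits(ALPHABET, 8), search_space_bits(ALPHABET, 8))


def case_b_long_password() -> float:
    """Case B from the mail: public username, 16-char password."""
    return search_space_bits(ALPHABET, 16)


def case_guessable_username(directory_size: int) -> float:
    """Simo's real-world case: the username is one of `directory_size` known
    names (staff directory, e-mail addresses, ...), so it contributes only
    log2(directory_size) bits, not 8 * log2(62)."""
    return pair_bits(math.log2(directory_size), search_space_bits(ALPHABET, 8))


def password_chars_to_compensate(username_bits: float) -> int:
    """How many extra password characters buy back the bits lost when the
    username becomes public.  This is the 'make it a passphrase' advice in
    numbers."""
    return math.ceil(username_bits / math.log2(ALPHABET))


if __name__ == "__main__":
    print(f"A) secret 8-char user + 8-char pw : {case_a_random_username():.1f} bits")
    print(f"B) public user + 16-char pw       : {case_b_long_password():.1f} bits")
    print(f"   user from 10k-name directory   : {case_guessable_username(10_000):.1f} bits")
    print(f"   chars to compensate for that   : "
          f"{password_chars_to_compensate(math.log2(10_000))}")
```

Cases A and B come out identical (about 95 bits). With a username drawn from a 10,000-entry directory the pair is worth only about 61 bits, and three extra password characters recover what the "secret" username was supposedly contributing.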