brute force attacks

I’m kinda dumb on these things - but in trying to secure a system, I’m wondering about how passwords are attacked. If I type a bad password to my Admin account, it always seems to wait 5 seconds before responding. I assume this is a built-in response to a brute force attack? (that is, to make it take way too long to make too many tries) Does software like TrueCrypt do this?

Thanks!
Patti

This type of thing works with client/server interactions. TrueCrypt is
drive/data encryption which is not the same. If somebody has physical
access to your drive they may get this delay between prompts, but that
only matters if they do NOT control the TrueCrypt code (which they could
replace with their own) to try to brute-force.

Anyway, just use a strong passphrase on any encryption and be sure the
media do not get lost. When it comes to client/server things hopefully
your server is smart enough to do things like blocking repeat failures
(the SSH service has options for this, for example).

Good luck.


Want to yell at me in person?
Come to BrainShare 2011 in October: http://tinyurl.com/brainshare2011
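The point in the reply above is that the 5-second wait is a feature of the program asking for the password, not of the encrypted data. As an added example (not code from the original thread or from TrueCrypt), the script below models a passphrase-protected container header with a generic salt-plus-PBKDF2 verifier (an assumption for illustration, not TrueCrypt's real header format), shows the legitimate prompt sleeping after a failure, and then shows an attacker who has copied the header running their own verifier loop with no sleep at all. The salt, iteration count and wordlist are constructed for the demo.

```python
import hashlib
import hmac
import time

# Constructed parameters for a generic passphrase-protected header model.
# This is an assumption for illustration, not TrueCrypt's actual header layout.
SALT = bytes.fromhex("9f86d081884c7d659a2feaa0c55ad015")  # fixed so runs are reproducible
ITERATIONS = 5000  # deliberately low so the demo is quick; real KDFs use far more


def derive_key(passphrase: str, salt: bytes = SALT, iterations: int = ITERATIONS) -> bytes:
    """Slow key derivation: the one per-guess cost the attacker cannot skip."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, iterations, dklen=32)


def make_header(passphrase: str) -> dict:
    """Build the data-at-rest artifact an attacker would copy off a stolen drive."""
    key = derive_key(passphrase)
    return {"salt": SALT, "iterations": ITERATIONS, "verifier": hashlib.sha256(key).digest()}


def verify(header: dict, guess: str) -> bool:
    """Check a guess against the header the same way the real unlock code would."""
    key = derive_key(guess, header["salt"], header["iterations"])
    return hmac.compare_digest(hashlib.sha256(key).digest(), header["verifier"])


def prompt_with_delay(header: dict, guess: str, delay_seconds: float = 5.0) -> bool:
    """What the legitimate unlock prompt does: the delay lives here, in the prompt code."""
    ok = verify(header, guess)
    if not ok:
        time.sleep(delay_seconds)
    return ok


def offline_attack(header: dict, candidates: list) -> tuple:
    """Attacker's own loop over a copied header: no prompt, no sleep, only KDF cost.
    Returns (recovered_passphrase_or_None, guesses_tried)."""
    tried = 0
    for guess in candidates:
        tried += 1
        if verify(header, guess):
            return guess, tried
    return None, tried


def online_guesses_per_day(delay_seconds: float) -> int:
    """Upper bound on guesses through a prompt that pauses after every failure."""
    return int(86400 / delay_seconds)


if __name__ == "__main__":
    header = make_header("correct horse battery staple")
    wordlist = ["password", "123456", "letmein", "admin", "correct horse battery staple"]  # constructed
    start = time.perf_counter()
    found, tried = offline_attack(header, wordlist)
    elapsed = time.perf_counter() - start
    print(f"offline: recovered {found!r} after {tried} guesses in {elapsed:.3f}s")
    print(f"online through a 5 s prompt: at most {online_guesses_per_day(5.0)} guesses per day")
```

The offline loop runs at whatever rate the KDF allows on the attacker's hardware, which is why the reply's advice comes down to passphrase strength: the prompt's delay never enters the attacker's calculation once the drive is in their hands.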

Thanks!!!

:)rotfl!

There is a package called fail2ban which is designed to ‘ban’ IP addresses after too many failed authentication attempts; basically, install it and turn it on.

To turn it on, enable its service in YaST > System > System Services (Runlevel).

You can also use a public/private key pair for SSH authentication instead of passwords. Here’s a short rundown on the basics of key authentication: SSH Public Key Based Authentication – Howto; look at ‘man ssh’ for more detailed info.
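To make the fail2ban idea from the post above concrete, here is an added example (not fail2ban's own code and not from the original thread) of the rule it applies to sshd: parse the “Failed password” lines, keep a sliding window of failures per source IP, and ban an address once it has maxretry failures within findtime seconds. The log lines are constructed in the syslog format sshd writes, with the year assumed to be 2011 because syslog timestamps omit it; the addresses are documentation ranges.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sshd log excerpt (syslog format, chronological). Three sources:
#   203.0.113.5  - six failures in eleven seconds (classic brute force)
#   192.0.2.9    - six failures spaced twenty minutes apart (slow attacker)
#   198.51.100.7 - one typo, then a successful public-key login
SAMPLE_LOG = """\
Jul 22 18:00:00 host sshd[1100]: Failed password for root from 192.0.2.9 port 33001 ssh2
Jul 22 18:20:00 host sshd[1102]: Failed password for root from 192.0.2.9 port 33002 ssh2
Jul 22 18:40:00 host sshd[1104]: Failed password for root from 192.0.2.9 port 33003 ssh2
Jul 22 19:00:00 host sshd[1106]: Failed password for root from 192.0.2.9 port 33004 ssh2
Jul 22 19:20:00 host sshd[1108]: Failed password for root from 192.0.2.9 port 33005 ssh2
Jul 22 19:36:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Jul 22 19:36:03 host sshd[1203]: Failed password for invalid user oracle from 203.0.113.5 port 51240 ssh2
Jul 22 19:36:05 host sshd[1205]: Failed password for root from 203.0.113.5 port 51247 ssh2
Jul 22 19:36:08 host sshd[1207]: Failed password for root from 203.0.113.5 port 51250 ssh2
Jul 22 19:36:10 host sshd[1209]: Failed password for invalid user test from 203.0.113.5 port 51255 ssh2
Jul 22 19:36:12 host sshd[1211]: Failed password for root from 203.0.113.5 port 51260 ssh2
Jul 22 19:40:00 host sshd[1110]: Failed password for root from 192.0.2.9 port 33006 ssh2
Jul 22 19:40:00 host sshd[1300]: Failed password for patti from 198.51.100.7 port 40022 ssh2
Jul 22 19:40:09 host sshd[1302]: Accepted publickey for patti from 198.51.100.7 port 40023 ssh2
"""

# Matches both "Failed password for invalid user X from IP" and "Failed password for X from IP".
FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+) port \d+ ssh2$"
)


def parse_failed_login(line: str, year: int = 2011):
    """Return (timestamp, ip, user) for a failed-password line, or None for anything else."""
    m = FAILED_RE.match(line)
    if not m:
        return None
    # syslog has no year; the caller supplies one (assumed 2011 for the sample)
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["ip"], m["user"]


def find_bans(lines, maxretry: int = 5, findtime: int = 600) -> dict:
    """fail2ban-style rule: ban an IP once it has maxretry failures within findtime seconds.
    Returns {ip: timestamp_of_ban}."""
    recent = defaultdict(deque)  # per-IP sliding window of failure timestamps
    banned = {}
    for line in lines:
        parsed = parse_failed_login(line)
        if parsed is None:
            continue
        ts, ip, _user = parsed
        if ip in banned:
            continue
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()  # drop failures that fell out of the window
        if len(window) >= maxretry:
            banned[ip] = ts
    return banned


if __name__ == "__main__":
    for ip, when in find_bans(SAMPLE_LOG.splitlines()).items():
        print(f"ban {ip} at {when:%H:%M:%S}")
```

With the defaults used here the fast attacker is banned on its fifth failure, while the slow one never accumulates five failures inside a ten-minute window; that is the trade-off behind findtime, and why the same post also recommends key-based authentication rather than relying on banning alone.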

On 07/22/2011 07:36 PM, PattiMichelle wrote:
>
> I’m kinda dumb on these things - but in trying to secure a system, I’m
> wondering about how passwords are attacked. If I type a bad password to
> my Admin account, it always seems to wait 5 seconds before responding.
> I assume this is a built-in response to a brute force attack? (that is,
> to make it take way too long to make too many tries) Does software like
> TrueCrypt do this?
>
> Thanks!
> Patti
>
>

I made some notes some time ago:
http://waxborg.servepics.com/howto/harden-ssh

Vahis

http://waxborg.servepics.com
openSUSE 11.2 (x86_64) 2.6.31.14-0.8-default “Evergreen” main host
openSUSE 11.4 (x86_64) 2.6.37.6-0.5-desktop in VirtualBox
openSUSE 11.4 (i586) 2.6.39.3-37-desktop “Tumbleweed” in EeePC 900

This is set up in /etc/login.defs: FAIL_DELAY (or through YaST -> Local Security -> Login Settings: Delay after Incorrect Login Attempt) and LOGIN_RETRIES.
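As an added example (not from the original thread or from shadow-utils), the script below reads the FAIL_DELAY and LOGIN_RETRIES settings named above out of a login.defs file, stripping comments and blank lines, and flags the cases a practitioner cares about: a delay of zero, or a setting left unset so that the compiled-in default applies. The excerpt is constructed, and the values in it are not a claim about openSUSE's shipped defaults; run it against your own /etc/login.defs. These settings govern the shadow-utils login program (console logins), so sshd still needs its own protection such as fail2ban or key-only authentication.

```python
# Constructed excerpt of /etc/login.defs; a real file carries many more settings.
SAMPLE_LOGIN_DEFS = """\
# /etc/login.defs - Configuration control definitions for the login package.
#
# Delay in seconds before being allowed another attempt after a login failure
FAIL_DELAY   3

# Enable display of unknown usernames when login failures are recorded.
LOG_UNKFAIL_ENAB  no

# Max number of login retries if password is bad
LOGIN_RETRIES    3

# Max time in seconds for login
LOGIN_TIMEOUT    60
"""


def parse_login_defs(text: str) -> dict:
    """Parse login.defs into {NAME: value}: '#' starts a comment, names and values are
    whitespace separated. A repeated name keeps the last value here (assumption)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        settings[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
    return settings


def audit_brute_force_settings(settings: dict) -> list:
    """Return human-readable findings about the two settings that slow down guessing."""
    findings = []
    delay = settings.get("FAIL_DELAY")
    if delay is None:
        findings.append("FAIL_DELAY is not set explicitly; the compiled-in default applies")
    elif delay.isdigit() and int(delay) == 0:
        findings.append("FAIL_DELAY is 0: no pause after a wrong password")
    if settings.get("LOGIN_RETRIES") is None:
        findings.append("LOGIN_RETRIES is not set explicitly; the compiled-in default applies")
    return findings


if __name__ == "__main__":
    import sys

    path = sys.argv[1] if len(sys.argv) > 1 else None
    text = open(path).read() if path else SAMPLE_LOGIN_DEFS
    settings = parse_login_defs(text)
    print("FAIL_DELAY =", settings.get("FAIL_DELAY"), "LOGIN_RETRIES =", settings.get("LOGIN_RETRIES"))
    for finding in audit_brute_force_settings(settings) or ["no findings"]:
        print("-", finding)
```

Run as `python3 login_defs_check.py /etc/login.defs` to check the live file instead of the embedded sample.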