Sign In
Create Account
Follow Us on Twitter
Subscribe on Youtube
Is it enough to just make the passwords lenghty, with no meaning, with lower and uppercase letters? Or do you have to take more measures.
8 replies to this topic
Back to top|
|
|
#2
Posted 22 June 2008 - 05:22 AM
Crop
-
- Members
-
- 62 posts
Learning Programmer
No. If you run a public webserver you should also use login detection software. The software will allow you to specify when to ban someone based on how many times they attempted to login. For example, if you set it at 5 and I tried (and failed) 5 times to login as root then the software would ban me.
There are two that I know of BFD (Brute Force Detection) and LFD (Logon Failure Daemon). Both work well.
There are two that I know of BFD (Brute Force Detection) and LFD (Logon Failure Daemon). Both work well.
#3
Posted 22 June 2008 - 08:01 AM
LissaValerian
-
- Members
-
- 53 posts
Learning Programmer
I would also suggest AFP here:
R-fx Networks - Internet Security Solutions - Projects » APF
It's one of the tools I use:
From their website:
Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today's Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom of the configuration file. The management of APF on a day-to-day basis is conducted from the command line with the 'apf' command, which includes detailed usage information and all the features one would expect from a current and forward thinking firewall solution.
R-fx Networks - Internet Security Solutions - Projects » APF
It's one of the tools I use:
From their website:
Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today's Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom of the configuration file. The management of APF on a day-to-day basis is conducted from the command line with the 'apf' command, which includes detailed usage information and all the features one would expect from a current and forward thinking firewall solution.
#4
Posted 23 June 2008 - 08:11 AM
Prog
-
- Members
-
- 98 posts
Learning Programmer
I've used AFP before, excellent firewall.
#5
Posted 24 June 2008 - 05:03 AM
Oigen
-
- Members
-
- 107 posts
Programmer
Thanks a lot guys. I'll check the APF and the brute force detectors...
#6
Posted 24 June 2008 - 05:29 AM
LissaValerian
-
- Members
-
- 53 posts
Learning Programmer
EugenS said:
Thanks a lot guys. I'll check the APF and the brute force detectors...
Good luck! There are how-to's out there that describe a joint APF+BFD install, they work well in combo. It's what I use.
Good luck!
~Lissa Valerian
#7
Posted 24 June 2008 - 08:58 AM
rumen
-
- Members
-
- 107 posts
Programmer
LissaValerian said:
I would also suggest AFP here:
R-fx Networks - Internet Security Solutions - Projects » APF
It's one of the tools I use:
From their website:
Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today's Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom of the configuration file. The management of APF on a day-to-day basis is conducted from the command line with the 'apf' command, which includes detailed usage information and all the features one would expect from a current and forward thinking firewall solution.
R-fx Networks - Internet Security Solutions - Projects » APF
It's one of the tools I use:
From their website:
Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today's Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom of the configuration file. The management of APF on a day-to-day basis is conducted from the command line with the 'apf' command, which includes detailed usage information and all the features one would expect from a current and forward thinking firewall solution.
Hey, thank you a lot for this valuable info:) It looks really promising.
#8
Posted 27 June 2008 - 12:34 PM
Oigen
-
- Members
-
- 107 posts
Programmer
I tried and, what would you know, I've broken my fingers, heh. Might wanna call that friend of mine that's good with computers :)
#9
Posted 30 June 2008 - 11:58 AM
LissaValerian
-
- Members
-
- 53 posts
Learning Programmer
EugenS said:
I tried and, what would you know, I've broken my fingers, heh. Might wanna call that friend of mine that's good with computers :)
Well, good luck with that! :)
