[Gllug] Router under attack: help/advice needed
- Tethys
tethys at gmail.com
Thu Oct 22 10:39:03 UTC 2009
On Thu, Oct 22, 2009 at 11:10 AM, Iain M Conochie <iain at shihad.org> wrote:
> But you forget to mention that password authentication is also
> susceptible to brute force attacks due to bad passwords. This is the
> _main_ thing (IMHO) that keys help prevent, as if users are bad at
> having passphrases they are worse with passwords.
Oh, agreed. But passwords are held on a machine under your control.
You can run John against them via cron every night and disable any
accounts with weak passwords. Passphrases are held on a machine that
(usually) isn't under your control. You can't check to see if they're
weak (or indeed, present at all).
> Q. What is the first rule of network security?
> A. Kill all your users.
That would be funny, were it not true...
Tet
--
“It seems intuitively obvious to me, which means that it might be
wrong.” -- Chris Torek
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list