Ljubomir, Ljubomir Ljubojevic wrote: > On 01/03/2012 04:47 PM, m.roth@xxxxxxxxx wrote: >> Having been on vacation, I'm coming in very late in this.... >> >> Les Mikesell wrote: >>> On Tue, Jan 3, 2012 at 4:28 AM, Bennett Haselton<bennett@xxxxxxxxxxxxx> >>> wrote: >> <snip> >>>> OK but those are *users* who have their own passwords that they have >>>> chosen, presumably. User-chosen passwords cannot be assumed to be >>>> secure against a brute-force attack. What I'm saying is that if >>>> you're the only user, by my reasoning you don't need fail2ban if >>>> you just use a 12-character truly random password. >>> >>> But you aren't exactly an authority when you are still guessing about >>> the cause of your problem, are you? (And haven't mentioned what your >>> logs said about failed attempts leading up to the break in...). >> >> Further, that's a ridiculous assumption. Without fail2ban, or something >> like it, they'll keep trying. You, instead, Bennett, are presumably >> generating that "truly random" password[1] and assigning it to all your >> users[2], and not allowing them to change their passwords, and you will >> be >> changing it occasionally and informing them of the change.[3] >> >> Right? >> >> 1. How will you generate "truly random"? Clicks on a Geiger counter? >> There is no such thing as a random number generator. >> 2. Which, being "truly random", they will write down somewhere, or store >> it on a key, labelling the file "mypassword" or some such. >> 3. How will you notify them of their new password - in plain text? > > Bennet was/is the only one using those systems, and only as root. No Ohhhh.... > additional users existed prior to breach. And he is very persisting in > placing his own opinion/belief above those he asks for help. That is why So he's not only not wanting to accept that he blew it, but wants "validation" for that wrongheadedness. > we have such a long long long thread. It came to the point where I am > starting to believe him being a troll. Not sure yet, but it is getting > there. As long as no one's giving him support in his ideas, he's now got someone outside himself (and the intruder) to be against. Just like the US right wing.... > > I am writing this for your sake, not his. I decided to just watch from > no on. This thread WAS very informative, I did lear A LOT, but enough is > enough, and I spent far to much time reading this thread. Thanks for the offlist email. Happy new year to you. mark _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos