Re: Another Fedora decision

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, 2015-02-03 at 14:10 -0600, Les Mikesell wrote:

> On Tue, Feb 3, 2015 at 2:03 PM, Always Learning <centos@xxxxxxxxxxx> wrote:
> >
> > Nothing wrong with letting "an expert" preconfigure the system and then,
> > after installation, the SysAdmin checking to ensure all the settings
> > satisfy the SysAdmin's requirements.


> I'd just rather see them applying their expertise to actually making
> the code resist brute-force password attacks instead of stopping the
> install until I pick a password that I'll have to write down because
> they think it will take longer for the brute-force attack to succeed
> against their weak code.

Very sensible comment. I absolutely agree. Why do the Fedora Bunch think
poncing-around with password lengths and composition is more important
than extremely strong external security ?

There should be a basic defence that when the password is wrong 'n'
occasions the IP address is blocked automatically and permanently unless
it is specifically allowed in IP Tables. If specifically allowed in IP
Tables, there should be a predetermined wait time before another attempt
can be made.

Simple !  So why does Fedora prefer allowing the hackers unlimited
opportunities to brute-force passwords ?  


-- 
Regards,

Paul.
England, EU.      Je suis Charlie.


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux