On Tue, 2002-04-09 at 20:43, Newsmail wrote: > Hi, I would like to ask a question that is maybe a dumb question, but I > dont find an answer for it. I type mount /dev/hda1 to mount my encrypted > filesystem. it asks for a password. If I fail to type the password, than it > writes mount: wrong fs type, bad option, bad superblock on /dev/loop0, or > too many mounted file systems ... blablabla. that did took me 1 second. If > it was a program it would take less than a second to type 1 password. so it > somebody begins to make a brute force attack against my encrypted > filesystem it wouldnt take him so much time no? what protects my filesystem > agaoinst these type of brute for attacks? brute forcing against an ssh > connection is quite hard because the sshd waits some seconds before > allowing to type a password again. but at mounting time there is nothing > like this. > could somebody explain me this a bit? > regards, > greg > > > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ Read a book on cryptography. Better still, work out how long your (randomly generated if it's any good) password/phrase is, and work out how many goes it will take to guess. If it's any good, that number will be very, very large indeed - then work out long it will take to try that number of goes! A delay does slow down a guessing attacker, but really it's a holdover from the days of unix crypt passwords - a tradition really, and more honoured in the breach IMNSHO. Stephen -- Stephen Norris srn@fn.com.au Farrow Norris Pty Ltd +61 417 243 239
Attachment:
signature.asc
Description: This is a digitally signed message part
