[Date Prev][Date Next] [Chronological] [Thread] [Top]

'Max login attempts' variable/config?



when there is no longer anything to take away.
               -- Antoine de Saint-Exupery

Date: 14 Dec 2000 14:36:16 +0100
Message-ID: <87puiv5dm7.fsf@papadoc.bayour.com>
Lines: 13
User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

I'd like to limit the number of tries a user can enter the wrong
password in one go...

I'm currently running 'http://www.phenoelit.de/kold/' against my
LDAP server (with a word list of 257k words)...

I'd like to make this kind of attempts 'impossible' (or at least
make it more difficult).

Currently I've put a ipchains rule that makes it impossible to
search the db from anywhere but our own SID block and put did
some reasonable ACL rules, but ...