[Bug 550377] New: Add delay after login to prevent brute force attack
http://bugzilla.novell.com/show_bug.cgi?id=550377

Summary: Add delay after login to prevent brute force attack
Classification: openSUSE
Product: openSUSE 11.2
Version: Factory
Platform: Other
OS/Version: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: WebYaST
AssignedTo: kkaempf@novell.com
ReportedBy: jreidinger@novell.com
QAContact: qa@suse.de
Blocks: 514382
Found By: ---

brute force/dictionary attack (risk: medium, CWE-307):
The login script does not protect against remote password guessing attacks. This can be used to guess the password of the root account. The same works with HTTP Basic Authentication.

Solution: Add an increasing delay (maybe already in unix2_chkpwd but not in rpam) after every unsuccessful login, as well as closing the connection after n incorrect logins. Report this attack attempt in the logs.

-- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
--- Comment #1 from Klaus Kämpf (kkaempf@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c1

--- Comment #2 from Martin Kudlvasr (mkudlvasr@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c2

--- Comment #3 from Josef Reidinger (jreidinger@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c3

--- Comment #4 from Klaus Kämpf (kkaempf@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c4

--- Comment #5 from Josef Reidinger (jreidinger@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c5

--- Comment #6 from Thomas Biege (thomas@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c6

--- Comment #7 from Thomas Biege (thomas@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c7
> The second one is that it remembers IP or user, so after n unsuccessful attempts it blocks the REST service for all users (which is an advantage if someone uses a brute force attack from a zombie cluster, but a problem if it blocks someone's access). Is this limitation a problem?

Use "user" only, please.
--- Comment #8 from Josef Reidinger (jreidinger@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c8
(In reply to comment #3) ...

> The second one is that it remembers IP or user, so after n unsuccessful attempts it blocks the REST service for all users (which is an advantage if someone uses a brute force attack from a zombie cluster, but a problem if it blocks someone's access). Is this limitation a problem?

> Use "user" only, please.

OK, thanks, I'll add user remembering.
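The following is an added illustration of the scheme the report asks for (increasing delay after each unsuccessful login, closing the connection after n failures, reporting the attempt in the log), keyed by user name as comment #7 asks. It is not WebYaST's code and not written by anyone in this thread; the constants, the constructed credential table that stands in for the rpam/unix2_chkpwd check, and the `attempt_login` flow are assumptions made for the example.

```ruby
require 'logger'
require 'stringio'

# Added example, not WebYaST's own code: a per-user login throttle.
# Delay doubles with each failed attempt, the user is locked (and the
# caller should close the connection) after MAX_FAILURES, and every
# failure is reported to the log. Keyed by user name (comment #7): one
# attacker cannot lock out everyone by spreading attempts over many
# addresses, at the price that a known user name can be locked out.
class LoginThrottle
  MAX_FAILURES = 5      # lock / close the connection after this many failures
  BASE_DELAY   = 1.0    # seconds to wait after the first failure
  MAX_DELAY    = 30.0   # cap so the delay does not grow without bound
  LOCK_SECONDS = 600    # how long a locked user stays locked

  Entry = Struct.new(:failures, :locked_until)

  # clock is injectable so lock expiry can be tested without waiting
  def initialize(logger: Logger.new($stderr), clock: -> { Time.now })
    @logger  = logger
    @clock   = clock
    @entries = Hash.new { |h, k| h[k] = Entry.new(0, nil) }
  end

  # Seconds the caller must wait before handling a login for +user+:
  # 0.0 for a clean account, nil if the user is locked and the
  # connection should be closed instead of answered.
  def delay_for(user)
    e = @entries[user]
    if e.locked_until
      return nil if @clock.call < e.locked_until
      e.failures = 0          # lock expired: start fresh
      e.locked_until = nil
    end
    return 0.0 if e.failures.zero?
    [BASE_DELAY * (2**(e.failures - 1)), MAX_DELAY].min
  end

  def locked?(user)
    delay_for(user).nil?
  end

  # Record a failed attempt; returns true if this failure tripped the lock.
  def record_failure(user, remote_ip)
    e = @entries[user]
    e.failures += 1
    @logger.warn("login failed for user=#{user} from ip=#{remote_ip} (failure #{e.failures})")
    if e.failures >= MAX_FAILURES
      e.locked_until = @clock.call + LOCK_SECONDS
      @logger.error("user=#{user} locked for #{LOCK_SECONDS}s after #{e.failures} failures; closing connection")
      return true
    end
    false
  end

  # A correct password resets the counter for that user.
  def record_success(user)
    @entries.delete(user)
  end
end

# Constructed credential table standing in for the rpam/unix2_chkpwd call
# (assumption made for this example; a real service asks PAM instead).
CONSTRUCTED_USERS = { 'root' => 'correct-horse' }.freeze

# Whole flow for one attempt: throttle check, password check, bookkeeping.
# +sleeper+ is injectable so tests do not actually sleep.
def attempt_login(throttle, user, password, remote_ip, sleeper: ->(s) { sleep(s) })
  wait = throttle.delay_for(user)
  return :connection_closed if wait.nil?
  sleeper.call(wait) if wait > 0
  if CONSTRUCTED_USERS[user] == password   # placeholder for the real PAM check
    throttle.record_success(user)
    :ok
  else
    throttle.record_failure(user, remote_ip)
    :denied
  end
end
```

With the constants above, a user sees waits of 1, 2, 4 and 8 seconds after the first four failures and is locked on the fifth; a second user is not affected by the first user's failures, which is the trade-off comment #7 settles on. The delay is applied before the password check on purpose, so a correct guess after several failures still pays the wait and cannot be distinguished by timing from a wrong one.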
--- Comment #9 from Josef Reidinger (jreidinger@novell.com): http://bugzilla.novell.com/show_bug.cgi?id=550377#c9