
Re: [cobalt-security] URGENT Hacking



Hi,

The password wasn't that obvious actually but it happened so it's been
changed.

I've been told to try and find a way of having it lock you out after 10
wrong attempts for a period of time, any ideas how to do this?

Regards,

Mark Baker
Dark Marketing Ltd
http://www.yoursitehere.co.uk

Reply e-mail: mark@xxxxxxxxxxxxxxxxxx
----- Original Message -----
From: Webmaster <webmaster@xxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Sunday, September 03, 2000 9:43 PM
Subject: RE: [cobalt-security] URGENT Hacking


> This is just a guess.... But if they used brute force, then your user's
> account that got broken into had a password that was probably something
> very common like "car".
>
> Brute force attack is used when there is no additional information of
> password and attacker simply tries all possible passwords -
> one-characters, two-characters etc. To resist this attack you should
> encourage long mixed-characters password and should have long password
> setup that significantly decreases brute force speed.
>
> Maybe instead of having "car" as the password have something like "car!",
> "car89", "1car", etc.
>
> Also I don't see brute force as a security related issue on a RAQ.
>
> But then again I am just taking a guess at all this. If I am wrong in any
> of this please let me know.
>  -
>
>                          Barnabas Toth
>                          barnabas@xxxxxxxxxxxxxxxxxxxxx
>                          http://www.maximum-threshold.com
>                          ICQ UIN: 293732
>
> "you know the day destroys the night. night divides the day. try to run.
> try to hide."
>
> > -----Original Message-----
> >
> > UPDATE...
> >
> > It appears bruteforce was used to gain access, what can be done?
> > I believe we have all the updates on our RaQ, help please!
> >
> > Regards,
> >
> > Mark Baker
> > Dark Marketing Ltd
> > http://www.yoursitehere.co.uk
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security