cyrus sasl Password lock after n failed attempts
Daniel O'Connor
doconnor at gsoft.com.au
Fri Oct 12 02:24:12 EDT 2012
On 12/10/2012, at 15:21, Ram <ram at netcore.co.in> wrote:
> Off late I have seen lots of attempts at getting in weak weak passwords.
> Is there a way I can implement password lock out within cyrus if there
> are more than n consecutive bad attempts
I think a feature like this is likely to result in a denial of service to yourself :)
I use sshguard which can parse many different program's outputs (not just SSH) for failed login attempts and then add a rule to a firewall to block the IP making the attempts.
It has support for many different firewall types - I use PF but it does ipfw, ip tables, etc etc..
It is probably available as a package for your OS/distro or you can get it from http://www.sshguard.net/
--
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
More information about the Info-cyrus
mailing list