From owner-freebsd-security Wed Dec 13 9:10:24 2000 From owner-freebsd-security@FreeBSD.ORG Wed Dec 13 09:10:21 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 0531337B400 for ; Wed, 13 Dec 2000 09:10:21 -0800 (PST) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id KAA12571; Wed, 13 Dec 2000 10:09:47 -0700 (MST) Message-Id: <4.3.2.7.2.20001213100839.0465c320@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Wed, 13 Dec 2000 10:09:43 -0700 To: Robert McCallum , misc@openbsd.org From: Brett Glass Subject: Re: 911 lockdown! Cc: freebsd-security@FreeBSD.ORG In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Pardon me if I'm missing something here, but how would a firewall prevent someone from cracking a guessable password on a legitimate user account? --Brett Glass At 09:18 AM 12/13/2000, Robert McCallum wrote: >My DNS/MAIL/WEB server was hacked recently, I don't believe they 'rooted' >the server 'yet'. But I do see that they have obtained access to a user >account. It apears they cracked a users account which I found out that one >of my users did not adhere to our security policy and set a password that >was not in accordance to our password policy. .... >In conclusion, I need to setup a firewall on that particular host ASAP. "Were parties here divided merely by greediness for office..., to take a part with either would be unworthy of a reasonable or moral man." --Thomas Jefferson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message