Date: Wed, 7 Nov 2001 14:56:58 +0100 From: "Anthony Atkielski" <anthony@atkielski.com> To: "Erik Trulsson" <ertr1013@student.uu.se>, "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG> Subject: Re: Lockdown of FreeBSD machine directly on Net Message-ID: <00ca01c16794$12a7eba0$0a00000a@atkielski.com> References: <000201c166a2$d2ed80c0$1401a8c0@tedm.placo.com> <001401c166a9$9b976120$0a00000a@atkielski.com> <20011106180650.A72863@student.uu.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Erik writes: > There is no such thing as 100% security. Sure there is. Shannon proved it. Some spies and spooks implement it. > This is case where persistence is exactly what > is needed to crack the system. One simply tries > every possible password until one succeeds. With random eight-character alphanumeric passwords and five Telnet login attemps per second, this will take about 1.25 million years, on average, far longer than the lifetime of any attacker, persistent or otherwise. In other words, the system is completely secure in this context through computational feasibility, and you can make it theoretically 100% secure as well by installing a lockout after a certain number of bad password attempts. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00ca01c16794$12a7eba0$0a00000a>