Re: under some kind of attack
mj <lists@merit.unu.edu> wrote:
As per my post: checkpassword. You can then use one password on Mondays, Wednesdays, and Fridays, alternate passwords on Tuesdays and Thursday fetched from a rot-13 database, and only from prime numbered IP addresses on weekends, if that's what you want.
Gary Sellani <lists@lazygranch.com> writes:
If you're the only user, moving the IMAP/POP service to a nonstandard port will do most of that with much less bother, and you won't lock yourself out, requiring a ssh/edit firewall/reconnect. Been there, done that.
I get one hacker a week trying to guess passwords, and always from Digital Ocean VPS.
abuse@digitalocean.com is fairly responsive. They usually nuke them pretty quickly.
I would like to see statistics on the success of such brute force attacks. They can't be very successful these days.
Even if the success rate is 0.00001%, you can do the arithmetic to see that's still a huge number of accounts. But you're right, if you have anything resembling a sensible password policy, they're just a log bloating nuisance.
Joseph Tam <jtam.home@gmail.com>
participants (2)
-
Joseph Tam
-
mj