[Beowulf] Re: "hobbyists"

Chris Samuel csamuel at vpac.org
Thu Jun 19 23:15:31 EDT 2008

----- "Robert G. Brown" <rgb at phy.duke.edu> wrote:

> Do you have an recent contemporary evidence for that?

Not since we moved to LDAP, but a few years back the
cluster that I inherited (and that was configured by
a large vendor who shall remain nameless) was still
running vanilla YP.

Although we ran (and still do run) regular brute force
attacks against the hundreds of users we have there was
still a window of opportunity between a new user setting
a dumb password and us breaking it and locking the account.

It would have been great if we could have enforced
good passwords through cracklib, but from what I
remember yppasswd didn't appear to want to play
at that time (RH7.3).

My memory also tells me that the logs at the time showed
people brute forcing their account prior to gaining access,
but I have a fairly high bit error rate so please apply
2D6 pinches of salt.

Christopher Samuel - (03) 9925 4751 - Systems Manager
 The Victorian Partnership for Advanced Computing
 P.O. Box 201, Carlton South, VIC 3053, Australia
VPAC is a not-for-profit Registered Research Agency
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Beowulf mailing list