lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080212084148.6f81553f@wssyg114.sygroup-int.ch>
Date: Tue, 12 Feb 2008 08:41:48 +0100
From: Tonnerre Lombard <tonnerre.lombard@...roup.ch>
To: "Abilash Praveen" <contactme@...lashpraveen.com>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Brute force attack - need your advice

Salut, Abilash,

On Tue, 12 Feb 2008 02:16:02 +0530, Abilash Praveen wrote:
> I had been talking to our web hosts the other day and they seem to
> have a lot of unusual brute force attack on the servers recently. I'm
> guessing that it could be because of my emails to the list? I mean,
> do you advice on using a personal email for this type of list? Or
> should I use something like @ gmail.com? I know they can't easily
> break in to our servers, but am I just giving them a chance?

I don't really think that this is closely related to the use of your
mail address. Outside in the real nature, there is rain/snow/whatever,
which occurs from time to time in some type of natural cycle, and you
can't help it.

The same goes for SPAM and worms/virii/other automated attacks. They'll
always be there, like the rain and the show. What you should do is put
on a rain coat: make sure your systems are up to date and looking
regularly for holes in the coat. Keep the SPAM and worms off yourself,
and whatever flies through your network is just random noise.

(But please don't deduce from this posting that you should use it as
input in a random number generator to generate cryptographic keys!)

				Tonnerre
-- 
SyGroup GmbH
Tonnerre Lombard

Solutions Systematiques
Tel:+41 61 333 80 33		Güterstrasse 86
Fax:+41 61 383 14 67		4053 Basel
Web:www.sygroup.ch		tonnerre.lombard@...roup.ch

Download attachment "signature.asc" of type "application/pgp-signature" (825 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ