Professional Documents
Culture Documents
Against
Password
Attacks In
Windows
Defending Against
Password Guessing
1. Resistance Mechanisms :
.Regularly run a standard password cracking program
.Iptables blacklists- Guessing attacks generally come
from one site at a time, believed to be zombies in a bot-
net. the zombie is recognized on one host and all hosts
blacklist it. The Iptables rule set must use the filter chain
to dispose of packets even in on going connections.
.Iptables whitelists-all connections (except to public
services) are blocked unless the client site is on the
whitelist. it protects all present and future services
automatically; there is no need to modify software or
configurations to become protected or to recognize
attacks
2. Getting On the Blacklist:
.Something looks for frequent login failures from
the same host.