Name : pam_schroedinger
Version : 0.2s
Vendor : obs://build_opensuse_org/security
Release : 2.311
Date : 2015-01-20 18:07:47
Group : Productivity/Networking/Security
Source RPM : pam_schroedinger-0.2s-2.311.src.rpm
Size : 0.02 MB
Packager : (none)
Summary : Uncertainty for brute forcers during login
Description :
pam_schroedinger protects PAM accounts against dictionary/brute-force attacks by only returning PAM_SUCCESS if there was no previous login or attempt within a certain timeframe. In a common scenario, users do not authenticate more than once in a second. Everything else looks like a brute-force attack. pam_schroedinger protects PAM accounts from dictionary attacks much better than a sleep-based delay hardcoded in the authentication mechanism, as used today in su or sudo, for example. The attacker sees no delay in the attack, but cannot tell which login token succeeds, even after trying the right one. This adds a certain uncertainty to the login process, so attackers can never be sure whether the cat is dead or alive. This is the opposite of pam_timestamp.
RPM found in directory: /packages/linux-pbone/ftp5.gwdg.de/pub/opensuse/repositories/security/openSUSE_Tumbleweed/x86_64