----- "Robert G. Brown" <[EMAIL PROTECTED]> wrote: > Do you have an recent contemporary evidence for that?
Not since we moved to LDAP, but a few years back the cluster that I inherited (and that was configured by a large vendor who shall remain nameless) was still running vanilla YP. Although we ran (and still do run) regular brute force attacks against the hundreds of users we have there was still a window of opportunity between a new user setting a dumb password and us breaking it and locking the account. It would have been great if we could have enforced good passwords through cracklib, but from what I remember yppasswd didn't appear to want to play at that time (RH7.3). My memory also tells me that the logs at the time showed people brute forcing their account prior to gaining access, but I have a fairly high bit error rate so please apply 2D6 pinches of salt. cheers! Chris -- Christopher Samuel - (03) 9925 4751 - Systems Manager The Victorian Partnership for Advanced Computing P.O. Box 201, Carlton South, VIC 3053, Australia VPAC is a not-for-profit Registered Research Agency _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
