[Beowulf] Re: "hobbyists"

Chris Samuel csamuel at vpac.org
Thu Jun 19 20:15:31 PDT 2008


----- "Robert G. Brown" <rgb at phy.duke.edu> wrote:

> Do you have an recent contemporary evidence for that?

Not since we moved to LDAP, but a few years back the
cluster that I inherited (and that was configured by
a large vendor who shall remain nameless) was still
running vanilla YP.

Although we ran (and still do run) regular brute force
attacks against the hundreds of users we have there was
still a window of opportunity between a new user setting
a dumb password and us breaking it and locking the account.

It would have been great if we could have enforced
good passwords through cracklib, but from what I
remember yppasswd didn't appear to want to play
at that time (RH7.3).

My memory also tells me that the logs at the time showed
people brute forcing their account prior to gaining access,
but I have a fairly high bit error rate so please apply
2D6 pinches of salt.

cheers!
Chris
-- 
Christopher Samuel - (03) 9925 4751 - Systems Manager
 The Victorian Partnership for Advanced Computing
 P.O. Box 201, Carlton South, VIC 3053, Australia
VPAC is a not-for-profit Registered Research Agency



More information about the Beowulf mailing list