1996-08-08 - Re: F2 hash?

Header Data

From: =?ISO-8859-1?Q?J=FCri_Kaljundi?= <jk@stallion.ee>
To: Adam Shostack <adam@homeport.org>
Message Hash: 3bf6b95d73cc48d5c014a9a6449f8d2b7f8ee8b167525865d40e5564f4024c85
Message ID: <Pine.GSO.3.93.960808141621.22194A-100000@nebula.online.ee>
Reply To: <199608081150.GAA18566@homeport.org>
UTC Datetime: 1996-08-08 14:34:09 UTC
Raw Date: Thu, 8 Aug 1996 22:34:09 +0800

Raw message

From: =?ISO-8859-1?Q?J=FCri_Kaljundi?= <jk@stallion.ee>
Date: Thu, 8 Aug 1996 22:34:09 +0800
To: Adam Shostack <adam@homeport.org>
Subject: Re: F2 hash?
In-Reply-To: <199608081150.GAA18566@homeport.org>
Message-ID: <Pine.GSO.3.93.960808141621.22194A-100000@nebula.online.ee>
MIME-Version: 1.0
Content-Type: text/plain


 Thu, 8 Aug 1996, Adam Shostack wrote:

> This doesn't work as of version 1.3(?) and later.  There is a time
> delay before the 'ok' message is sent by the server.  If it gets two
> correct login attempts in the delay period (1-5 seconds, default 2),
> it assumes an attack is underway and rejects them both.

Yes but what if you are able to block the correct user and only the bad
boy gets a chance to log in? Shouldn't be so hard thing to do.

Jüri Kaljundi
AS Stallion
jk@stallion.ee






Thread