On Wed 14 Jan 2015 at 18:52:06 +0900, Joel Rees wrote:

> 2015/01/13 5:17 "Brian" <a...@cityscape.co.uk>:
> >
> > strikes me as a pretty good one for an ssh login. (I have capitalised
> > some letters for readability, not to add complexity). Personally, I find
> > it easy to remember and associate with ssh and my account. I cannot see
> > why it is not a good password for me.
>
> Just remember that fail2ban only does temporary tarpitting, and only if the
> attacks are repeated too quickly.

How about

http://whyscream.net/wiki/index.php/Fail2ban_monitoring_Fail2ban#Warning:_pick_the_right_jail

> > The automated probes wouldn't get close to cracking it.
>
> Think of a bot farm continuously hitting a crowd of targets, once a second,
> cycling through spoofed IPs, using informed strategies instead of pure
> brute force.

If they can spoof one IP, they can spoof another. Does this increase the
number of connections per second?

> > The danger might
> > be a directed attack - from friends, associates, colleagues etc. If they
> > knew about my fixation on Lewis Carroll they might have a go at breaking
> > in.
>
> If they think you have something they want, people you don't know will find
> out about your interests. Blog posts, posts here, etc.

500,000.000 million on the internet at least. It's not my turn yet.

> > Actually, it would be ok as a password for banking access too. There
> > surely cannot be a banking site which does not take action after a
> > number of failed logins. Maybe not using fail2ban, but a similar
> > approach which protects both parties.
>
> Means you end up going to the bank in person, to get the lock removed.

The telephone? People would be heavily critical if a bank did not take
steps to monitor logins and act on unusual activity.

> Banks aren't perfect, though. You could come to considerable trouble
> should, for instance, a bank employee decide to do a little investigating
> passwords in her spare time, without permission.
>
> But it's your bank account. Go for it.

I have no knowledge or control over what goes on in a bank. Why lose
sleep over worrying about it?