> if this server was used by 100+ people i would of course not have such a > harsh security script set up. everyone who uses it has great experience > and understands the consequences. like i said before, this is usually > for personal use and has about 12 users total. if this was used to > manage ssh on something big i would lower the security measures. > > hope you can understand some now :)
Certainly. However, given that you are willing to accept (risk?) 5 attempts at a legitimate account I don't believe there would be any greater risk in allowing the same for invalid accounts also, given that the likelihood of gaining access to those is actually less - and it would make your script simpler, too, whilst preventing the (albeit, unlikely in your situation) possibility of a DoS to a valid user. To be honest, reversing your logic somewhat wrt valid/invalid accounts and 1/5 attempts could have merit also. That said, I'd be interested in seeing how you implement this with swatch as I'm looking at log parsing solutions in general. best regards, -- Joel Hatton -- Security Analyst | Hotline: +61 7 3365 4417 AusCERT - Australia's national CERT | Fax: +61 7 3365 7031 The University of Queensland | WWW: www.auscert.org.au Qld 4072 Australia | Email: [EMAIL PROTECTED] _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"