[tac_plus] Re: bad password/ban
john heasley
heas at shrubbery.net
Tue Jun 9 00:12:46 UTC 2009
Tue, Jun 02, 2009 at 02:04:53PM -0400, Mark Ellzey Thomas:
> On Mon, Jun 01, 2009 at 05:47:43PM -0700, Mehrdad wrote:
> > Hello,
> >
> > I'm using the Tacacs+ 4.0.4.16 and I'm looking for logging bad password or
> > ban IP address after specified bad password is there any feature in this
> > regard?
> > That's my suggestion if there isn't
> >
> >
>
> Greetings Mehrdad,
>
> I wrote a patch to lock an account after the daemon notices a bunch of
> auth failures from one user. Giving a quick glance to recent releases
> it does not look as if this was accepted.
>
> You can find the original post/patch here:
> http://www.shrubbery.net/pipermail/tac_plus/2008-June/000248.html
As I mentioned before, my problem with this is that it can be used as a DOS.
your co-worker could lock you out. right? i have no suggestions of how to
deal with that problem properly.
More information about the tac_plus
mailing list