[tac_plus] Re: Auth Fail Lockout
Mark Ellzey Thomas
mark.thomas at corp.aol.com
Tue Mar 16 15:30:52 UTC 2010
On Tue, Mar 16, 2010 at 10:10:13AM -0500, Joe Moore wrote:
> I need to implement account lockout after multiple failed password
> attempts. I know this can lead to a DOS vulnerability for router admin
> accounts but I have no choice. Our PCI auditor is requiring this, and
> there's no arguing with him.
>
>
>
> I see that there was a patch for this from Mark Thomas against 4.0.4.15.
> Is there a patch for the latest (4.0.4.19)?
>
>
>
> I am running on FreeBSD 7.2. I tried to achieve this by authenticating
> against PAM with the pam_abl module but that module doesn't seem to work
> at this time and it may be an orphaned project and not actively
> supported.
>
Yep, you can find the patch against F4.0.4.19 here:
http://www.shrubbery.net/pipermail/tac_plus/2009-September/000508.html
Email me directly if you need any assistance.
More information about the tac_plus
mailing list