Forgot your password?
typodupeerror

Comment: Re:Back it up with a little detail helps. (Score 1) 260

by Kyle (#29462285) Attached to: Security / Privacy Advice?

It's not about brute force ssh attacks, that's just an example, it could be RDP, or PPTP VPN for all I care, it's about ramming home the point that in a 24 hour period someone was trying to break through weak passwords. 3000 attempts, and that's a slow night.

You're ramming home the point that there is always someone trying to break in to something, doesn't matter if it's a social networking site, the VPN, or the webserver, if you're putting something online, assume it will be attacked and secure it appropriately.

Comment: Back it up with a little detail helps. (Score 5, Interesting) 260

by Kyle (#29460733) Attached to: Security / Privacy Advice?

Everyone knows you need a secure password. Now show them the log of the 3k connection attempts to the SSH port that occurred overnight.

Unknown Entries:
            authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.46.49.199 : 2366 Time(s)
            authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.73.205.44 user=root : 364 Time(s)
            authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.116.236.46 user=root : 80 Time(s)
            authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.73.205.44 : 73 Time(s)

Maybe ask permission to do a live demonstration of a password cracking tool. See how many passwords you can get in 2 minutes. This may be dangerous though, hide the results, just show the usernames, you don't want to find out who is using the CEO's wife's name as a password.

Really get their attention with some specifics like that.

A sheet of paper is an ink-lined plane. -- Willard Espy, "An Almanac of Words at Play"

Working...