[Tickets #4085] RESOLVED: Root authentication should be deniable
bugs@bugs.horde.org
bugs at bugs.horde.org
Wed Jun 28 08:55:02 PDT 2006
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=4085
-----------------------------------------------------------------------
Ticket | 4085
Updated By | Michael Slusarz <slusarz at horde.org>
Summary | Root authentication should be deniable
Queue | IMP
Version | 4.1.2
-State | New
+State | Rejected
Priority | 1. Low
Type | Enhancement
Owners |
-----------------------------------------------------------------------
Michael Slusarz <slusarz at horde.org> (2006-06-28 08:55) wrote:
> I think there should be a blacklist
> of accounts that are never allowed to login or some other way to
> prevent trying an uncounted number of account/password pairs remotely.
Like configuring your POP server to prevent this. Disabling access via
IMP does nothing to protect security - since an attacker could just
directly connect to the port and try username/password combinations all
day long and just bypass any restrictions in IMP.
More information about the bugs
mailing list