Welcome to the official THC web site. THC is an acronym for 'The Hacker's Choice', a group of international experts involved in network and system security. The group looks back on a long history: it was founded in 1995 and has published over 70 technical papers and software releases covering a wide range of computer security aspects. Currently, THC is among the top non-commercial security groups worldwide.
http://freeworld.thc.org/
========================================
Linux/Unix Account lockout with PAM Tally
To check whether account lockout is in use:
# grep tally /etc/pam.d/*
If /etc/pam.conf is in use, the command is:
# grep tally /etc/pam.conf
If PAM is being used for account lockout, the output should look like:
auth required /lib/security/pam_tally.so deny=5 onerr=fail lock_time=180 reset no_magic_root
Description: for authentication (auth) to the given service, we require the system to run the library called pam_tally.so, which is configured to deny access after 5 bad login attempts, failing when a user exceeds that threshold, locking the account for 180 seconds, and resetting an account's bad login tally to zero on a successful login. The no_magic_root setting tells the system that if a UID 0 process tries to access some service, it should be counted as a bad login attempt against the root account. Without this setting, telnet and rsh access as root would not count as bad logins. If the even_deny_root_account option is set in a pam.d file, then account lockout for the root account will be enabled.
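Added example, not part of the original notes: a small shell function that reads PAM configuration lines and reports the pam_tally options described above (deny, lock_time, no_magic_root, even_deny_root_account). The function names and the sample configuration are constructed for the demonstration; on a real system, pipe in the files under /etc/pam.d or /etc/pam.conf instead.

```sh
#!/bin/sh
# Added example (not from the original post): audit pam_tally options.
# Reads PAM config text on stdin; accepts /etc/pam.d/* lines
# (type control module args) and /etc/pam.conf lines (service type ...).
audit_tally() {
    awk '
    /^[ \t]*#/ { next }                           # ignore comments
    {
        mod = 0; type = "?"
        for (i = 1; i <= NF; i++) if ($i ~ /pam_tally/) { mod = i; break }
        if (!mod) next                            # not a tally line
        for (i = 1; i < mod; i++)
            if ($i ~ /^(auth|account|password|session)$/) type = $i
        deny = "unset"; lock = "unset"; root = "exempt"; magic = "no"
        for (i = mod + 1; i <= NF; i++) {
            if ($i ~ /^deny=/)                       deny = substr($i, 6)
            else if ($i ~ /^lock_time=/)             lock = substr($i, 11)
            else if ($i == "even_deny_root_account") root = "locked"
            else if ($i == "no_magic_root")          magic = "yes"
        }
        found++
        printf "%s deny=%s lock_time=%s root=%s no_magic_root=%s\n", type, deny, lock, root, magic
        if (deny == "unset") print "WARN: no deny= threshold on this line"
        if (root == "exempt") print "NOTE: root exempt (even_deny_root_account not set)"
    }
    END { if (!found) print "WARN: no pam_tally line found" }'
}

# Constructed sample input: the line from the post, a variant in
# pam.conf layout with root lockout enabled, and a commented-out line.
sample_config() {
    cat <<'EOF'
# auth required /lib/security/pam_tally.so deny=3
auth required /lib/security/pam_tally.so deny=5 onerr=fail lock_time=180 reset no_magic_root
login auth required /lib/security/pam_tally.so deny=3 even_deny_root_account
auth required /lib/security/pam_unix.so
EOF
}

sample_config | audit_tally
```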
========================================
If you lock out the only admin account on Windows:
a) You could boot a Linux CD and reset the admin password. Get Petter Nordahl's tool at http://home.eunet/~pnordahl/ntpasswwd/
b) You could boot the original install disks to "linux rescue" or a Helix CD and mount the system. Counts are maintained in /var/log/faillog (by default); to reset, use # faillog -r -u [login_name]
c) Use Kon-Boot (www.piotrbania.com/all/kon-boot).
========================================