API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 24th, 2017
47
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.57 KB | None | 0 0
raw download clone embed print report
  1. Note: By default, UseDNS is enabled in the /etc/ssh/sshd_config file on your server. UseDNS sends the hostname to PAM for SSH session authentication. cPHulk also requests authentication information from PAM when determining whether a login attempt is a brute force attack. A problem arises in cPHulk’s Trusted IPs List feature if UseDNS is still enabled, allowing an attacker to spoof a DNS pointer record to impersonate a trusted hostname. This will allow the attacker unlimited login attempts, permitting a brute force attack. Therefore, UseDNS is disabled if cPHulk is enabled.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!