Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Note: By default, UseDNS is enabled in the /etc/ssh/sshd_config file on your server. UseDNS sends the hostname to PAM for SSH session authentication. cPHulk also requests authentication information from PAM when determining whether a login attempt is a brute force attack. A problem arises in cPHulk’s Trusted IPs List feature if UseDNS is still enabled, allowing an attacker to spoof a DNS pointer record to impersonate a trusted hostname. This will allow the attacker unlimited login attempts, permitting a brute force attack. Therefore, UseDNS is disabled if cPHulk is enabled.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement