Hi-

I am starting to use a password manager to protect (ironically) some program files for a free program I made. It isn't about banking etc. The program takes a long time to make and I'd like to try and protect it.

Having said that, can a remote computer hacker just sit there and try password after password to gain access to my linux pc? Is there any time out thing to slow them down? I use fedora.

I read in 2013 they could crack 16 alphanumeric random passwords in an hour.

thx. - mtdew3q

Yes. The fact is, though, that, unless hackers have a specific reason to target you, they are unlikely to persist if they don't gain access quickly. Random port scans are a fact of life on the internet, and they are that: random. The scanners are looking for easy targets. It is also true that the the longer a password is, the harder it is to crack. You can learn more at this article: http://www.howtogeek.com/166832/brut...is-vulnerable/

If you haven't already done so, you might want to install fail2ban.

1 members found this post helpful.

hi-

i saw a john the ripper tutorial. that is pretty easy to use. but you need access to the files on the pc. I bet the firewall helps. i wonder if a hacker has to log-in first or if they get access to whatever the user is doing currently with their files e.g. already logged in.

I think of things like flash plug-in for mozilla, and i cringe because flash is everywhere.

anyways.... I think if they know, they can. I can only do things like make passwords longer etc.

thx.

thx! frankbell :-)

hey frank-

i checked my firewalld. Then I installed zenmap and checked for open ports on the ip with ifconfig :-)
I usually go to auditmypc. I like zenmap/nmap-frontend.

It makes me feel a little bit better.

I will go for other stuff you mentioned tomorrow.

I am getting tired.

thx!

Having a good firewall is always wise. On Linux, you can check the settings from the command line with

(You will likely have to be root to do this.)

One thing many users overlook is this: They leave their router password at default. If I have to install a new router, the first thing I do is change the password (I use KeePassX to generate and store my passwords). I also close all unneeded outgoing and incoming ports in my router, opening only the ones I need. Doing that reduces the attack vectors significantly.

With the Linux security model, a hacker would have to get logged in to have access to your system. If a hacker were able to crack your user password, he or she would have access only to user's home directory; not to system files that require root access or to other users' files, if there are multiple users in the system.

I found a good article about Linux security here: https://www.linux.com/learn/overview...urity-features I'll read it all the way through tomorrow.

A web search for "hardening Linux" will also turn up a number of useful links.

1 members found this post helpful.

Hi Frank-

I put fail2ban on and made harder passwords. Now I am in a little better spot.
Just want to protect my freeware stuff and future freeware stuff.

It is easy to find energy for putting on security when you are paranoid.

thx for cool tips.

mtdew3q

I use same password manager. I am sending a donation in februrary. First pay for presents and pay down credit card. then one of my number one priorities in feb. is to send a donation to that cool software - keepassx! I got someone at work to use it to for home use.

thx.

That's a good idea. I shall do the same, as long as I don't have to sign up for Flattr.

Wish they had KeePassX caps. My favorite way of supporting projects is to buy gear. Then I can go into shops and have clerks ask me, for example, "What is Fluxbox?"