BeepingBart
New member
- Joined
- Sep 28, 2008
- Messages
- 1
Dear Directadmin,
This morning, i looked at my network statistics, and found out it was pumping 25mbits/sec since 1am. narrowing it down, i found out it was a perl script which was ddossing a server on the internet.
i've killed the script, and tried to find the leak. i found a user which had a easy to guess password, which they found by checking my server. they abused his account to upload and execute perl scripts.
a couple of month's ago another user had a easy-2-guess password, and his domain was used for running a creditcard site for ebay
could you please implement a option where users are forced to use difficult passwords, with for example:
- a minumum of 6 chars
- capitals and non capitals mixed together
- atleast on of the following chars: !@#$%^&*()):"<> etc etc
if a admin can set this mark for new password changes, this would be perfect, a admin can then choose if he/she wants to use this function
thanks!!!
Bart van de Mosselaar
This morning, i looked at my network statistics, and found out it was pumping 25mbits/sec since 1am. narrowing it down, i found out it was a perl script which was ddossing a server on the internet.
i've killed the script, and tried to find the leak. i found a user which had a easy to guess password, which they found by checking my server. they abused his account to upload and execute perl scripts.
a couple of month's ago another user had a easy-2-guess password, and his domain was used for running a creditcard site for ebay
could you please implement a option where users are forced to use difficult passwords, with for example:
- a minumum of 6 chars
- capitals and non capitals mixed together
- atleast on of the following chars: !@#$%^&*()):"<> etc etc
if a admin can set this mark for new password changes, this would be perfect, a admin can then choose if he/she wants to use this function
thanks!!!
Bart van de Mosselaar
