5 Sep
2012
5 Sep
'12
12:58 a.m.
On 3.9.2012, at 21.26, Kelsey Cummings wrote:
passdb { args = proxy=y nopassword=y driver = static }
I wonder if someone was doing a ton of logins for different usernames? This kind of setup where director doesn't verify the username can be attacked that way.