Linux uses MD5 now for passwords so the new limit is 256 chars. On Monday 19 November 2001 01:40, you wrote: > Are the password still 8 character significant for the crypt() > function, or has Linux changed this? > > Thanks for your response. > Dave > > > When webmin is running, it is bound to port 10000 since webmin uses > > its own > > > 128bit > > certificate for encryption, its very safe, no passwords get passed > > in clear > > > txt and > > its rather difficult to run a brute force password script on a web > > based > > > admin program. > > if your passwords are up to the task, you will be fine.. (all my > > passwords > > > are at least > > 11 characters long and contains small chars, CAPS chars, numbers4321 > > and > > > symboles!@@#@!! > > > > Since I started using no non non encrypted services, started using > > long > > > passwords for stuff.. > > (in fact, usernames that need to be there and have a log in, but > > don't log > > > in as a person (ie having to type in a password), have passwords up > > to 50 > > > characters long, I type them in a txt editor, usually they are > > complete > > > giberish > > and cut and paste them into the passwd screen) I have never been > > compromised. > > > > so Webmin will fine if used hand in hand with a decent password > > policy.. > > > rgds > > > > Frank > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > [EMAIL PROTECTED] > > Sent: Monday, 19 November 2001 5:08 PM > > To: [EMAIL PROTECTED] > > Subject: [expert] Webmin > > > > > > Hi All, > > > > How secure is webmin, I know that is uses a https server, but I need > > to administer a machine remotely. The MDK 8 box has bastille loaded > > and currently all ports except ssh, are bolted down. How safe would > > it > > > be for me to allow the port 10000 for webmin. Is this good or is > > there > > > some real threats associated with this. Webmin is already installed > > and is used accross the SOHO network...it's just an issue of opening > > the WEB side access. > > > > TIA > > Dave. > > > > ----------------------------------------------------------------- > > This message was sent via the web interface to > > Sniff Out's POP3 Email - http://www.sniffout.net/ > > ----------------------------------------------------------------- > This message was sent via the web interface to > Sniff Out's POP3 Email - http://www.sniffout.net/
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com