On Sun, Nov 2, 2014 at 4:41 PM, Nex6|Bill <n6gh...@yahoo.com> wrote: ... > what about kerberos? (windows K5 vs Unix K5?)
> > >> >> >>> is OpenBSD, or BSD in general vulnerable to these style attacks? >> >> The vulnerability is the authentication protocol/method, independent >> the operating system. >> If you used NTLM or LanMan password authentication on OpenBSD, you >> would be vulnerable. >> You would also have to be insane. >> >> >>> or just the normal unix dump the password /etc/passwd table for offline >>> attacks sorts of >>> stuff? >> >> For the authentication methods in base, correct. > > so, for OpenBSD you would have to get the /etc/passwd for an offline attack > on the password hashes > and for that they would need a user account to logon to the system. Or to > have compromised the system in such a > way as they could copy /etc/passwd. > > other types of attacks would be brut force against SSHD sorts of stuff which > could be detected and mitagated. > > > > >> >> >> Philip Guenther