I mean just any special characters. Eg., [EMAIL PROTECTED]&*()_+-= If I wanted to enter a user password as something like qwER12#$, should Nessus accept that, both in the user setup utility (which it does for me) and logging in from the client (which it does not for me)?
And yes, the passwords are hashed. -- Jared Breland International Paper [EMAIL PROTECTED] Information Security 901-419-5077 http://irm.ipaper.com/ "George Theall" <[EMAIL PROTECTED] com> To Sent by: [EMAIL PROTECTED] [EMAIL PROTECTED] cc st.nessus.org Subject Re: Nessus user passwords 08/31/2004 12:17 PM On Mon, Aug 30, 2004 at 01:14:03PM -0500, Jared M Breland wrote: > Does nessus/nessusd support special characters in user passwords? What exactly do you mean by "special characters"? Are you talking about unprintable characters or those like "\" or "/"? I'm not aware of any restrictions in Nessus, although I'm sure there are in practice, especially if you're referring to unprintable characters. Also, are passwords being stored by Nessus as plaintext or MD5 hashes? Check for /usr/local/var/nessus/users/$user/auth/{hash,password} or something similar. George -- [EMAIL PROTECTED] (See attached file: att02q2e.dat) _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
att02q2e.dat
Description: Binary data
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
