Re: Isn't it a security hole...

1996-08-16 Thread David C Winters
On 16 Aug 1996, Rob Browning wrote: > It's too bad we can't support longer passwords. Not only are longer > ones easier to remember sometimes, but they are harder to break. > Something along the lines of the PGP passphrase. I've noticed something curious on various Unices: I can have a

Re: Isn't it a security hole...

1996-08-16 Thread Rob Browning
Casper BodenCummins <[EMAIL PROTECTED]> writes: > Fewer than that. The range of ASCII characters used in passwords is > quite small: perhaps ~= 110, optimistically taking into account control > characters and punctuation marks. Then, many people don't use the full 8 > characters, so we have to reduc

RE: Isn't it a security hole...

1996-08-16 Thread Casper BodenCummins
>> Thus, I propose a new word be adopted to describe the clever >> and benign inventor of quick technical fixes. Rasher, from >> "Shockwave Rider" usage, is a possible candidate, except >> Brunner's rashers seemed to operate too much outside the >> boundaries of ethics, delving into industrial es

RE: Isn't it a security hole...

1996-08-16 Thread Casper BodenCummins
>>> If the max passwd >>> length is 8 bytes, then at a quick estimate it seems that there are >>> 256^8 * 4096 different possible passwords...? > Fewer than that. The range of ASCII characters used in passwords is quite small: perhaps ~= 110, optimistically taking into account control characters and

Re: Isn't it a security hole...

1996-08-16 Thread Brian C. White
> >Actually, cracking a unix passwd file is quite easy, even for those > >with minimal computer knowledge. With widely available programs like Crack > >(UNIX), Crakerjack (DOS), and root_crack(DOS) anybody with a CPU >386 can > >crack the DES encryption with a bit of time. > > My understa

Re: Isn't it a security hole...

1996-08-15 Thread David L. Craig
As Joshua Stockwell wrote: > >>> On Aug 14, 2:35pm, Bruce Perens wrote: > >>> : Ahem. Let's not use the word "hacker" to mean > >>> : "computer criminal" on this list. "cracker" is more > >>> : appropriate. > >>> >-- End of excerpt from Bruce Perens > > > Christopher R. Hertel wrote: > >>> Seco

Re: Isn't it a security hole...

1996-08-15 Thread Stephen Masterman
>>Perhaps a bit, but not too much. The passwords in /etc/passwd are encrypted >>through one-way DES encryption. It's much easier to simply guess users' >>passwords, the majority of which are first-names or first-names followed >>by a number. >> >Actually, cracking a unix passwd file is qui

Re: Isn't it a security hole...

1996-08-15 Thread Joshua Stockwell
>>> On Aug 14, 2:35pm, Bruce Perens wrote: >>> : Ahem. Let's not use the word "hacker" to mean "computer criminal" on >>> : this list. "cracker" is more appropriate. >>> >-- End of excerpt from Bruce Perens Christopher R. Hertel wrote: >>> Seconded. The term "hacker" originally referred to one

RE: Isn't it a security hole...

1996-08-15 Thread Casper BodenCummins
bian.org >Cc:The recipient's address is unknown. >Subject: Re: Isn't it a security hole... > >On Aug 14, 2:35pm, Bruce Perens wrote: >: Ahem. Let's not use the word "hacker" to mean "computer criminal" on >: this list. "cracker"

Re: Isn't it a security hole...

1996-08-15 Thread Christopher R. Hertel
On Aug 14, 2:35pm, Bruce Perens wrote: : Ahem. Let's not use the word "hacker" to mean "computer criminal" on : this list. "cracker" is more appropriate. >-- End of excerpt from Bruce Perens Seconded. The term "hacker" originally referred to one who would "hack" at [working] code to make it bett

RE: Isn't it a security hole...

1996-08-15 Thread Casper BodenCummins
Guy Maor wrote: >> Truly cracking a passwd file would take more than "a bit of time". Or >> Maybe you're an extremely patient person. It may take a while in general, but poor maintenance and naive password choice often lead to surprising results - besides, the increase in low-cost high-power CP

Re: Isn't it a security hole...

1996-08-15 Thread Guy Maor
On Wed, 14 Aug 1996, Gilbert Ramirez Jr. wrote: > Actually, cracking a unix passwd file is quite easy, even for those > with minimal computer knowledge. With widely available programs like Crack > (UNIX), Crakerjack (DOS), and root_crack(DOS) anybody with a CPU >386 can > crack the DES en

Re: Isn't it a security hole...

1996-08-15 Thread Bruce Perens
Hi Matt! From: Matthew Bailey <[EMAIL PROTECTED]> > One of the first things to remember is to use an alphanumeric and special > character password for root that usually fixes 99.99% of all hackers from > gaining root access. Ahem. Let's not use the word "hacker" to mean "computer criminal" on th

Re: Isn't it a security hole...

1996-08-14 Thread Gilbert Ramirez Jr.
>As Jerzy Kakol said: >> >> >> ...the attribute readable for others in case of the file /etc/passwd? > >Perhaps a bit, but not too much. The passwords in /etc/passwd are encrypted >through one-way DES encryption. It's much easier to simply guess users' >passwords, the majority of which are first

Re: Isn't it a security hole...

1996-08-14 Thread Bruce Perens
Yes, it is in project/experimental on the FTP server. We'll put it in 1.2. Bruce -- Clinton isn't perfect, but I like him a lot more than Dole. Please register to vote, and vote for Democrats. Bruce Perens AB6YM [EMAIL PROTECTED] http://www.hams.com/

Re: Isn't it a security hole...

1996-08-14 Thread Karl Ferguson
At 05:01 PM 8/14/96 +0200, you wrote: > >...the attribute readable for others in case of the file /etc/passwd? > >Recently my debian system was cracked by several pirates. They have >account name and the password widely broadcasted on an IRC channel. The >only way, as I guess, they grabbed root's

Re: Isn't it a security hole...

1996-08-14 Thread Matthew Bailey
On Wed, 14 Aug 1996, Jerzy Kakol wrote: > > ...the attribute readable for others in case of the file /etc/passwd? > > Recently my debian system was cracked by several pirates. They have > account name and the password widely broadcasted on an IRC channel. The > only way, as I guess, they grabe

Re: Isn't it a security hole...

1996-08-14 Thread Don Gaffney
On Wed, 14 Aug 1996, Jerzy Kakol wrote: > > ...the attribute readable for others in case of the file /etc/passwd? > > Recently my debian system was cracked by several pirates. They have > account name and the password widely broadcasted on an IRC channel. The > only way, as I guess, they grab

Re: Isn't it a security hole...

1996-08-14 Thread Gilbert Ramirez Jr.
As Jerzy Kakol said: > > > ...the attribute readable for others in case of the file /etc/passwd? Perhaps a bit, but not too much. The passwords in /etc/passwd are encrypted through one-way DES encryption. It's much easier to simply guess users' passwords, the majority of which are first-names o

Isn't it a security hole...

1996-08-14 Thread Jerzy Kakol
...the attribute readable for others in case of the file /etc/passwd? Recently my debian system was cracked by several pirates. They have account name and the password widely broadcasted on an IRC channel. The only way, as I guess, they grabbed root's privileges was free access to /etc/passwd.