Re: Isn't it a security hole...

To: Debian User List <debian-user@lists.debian.org>
Subject: Re: Isn't it a security hole...
From: Guy Maor <maor@ece.utexas.edu>
Date: Wed, 14 Aug 1996 18:10:41 -0500 (CDT)
Message-id: <[🔎] Pine.SOL.3.93.960814180420.19104A-100000@brando.ece.utexas.edu>
In-reply-to: <[🔎] 2.2.32.19960814182754.0069c060@mail.okinternet.net>

On Wed, 14 Aug 1996, Gilbert Ramirez Jr. wrote:

>         Actually, cracking a unix passwd file is quite easy, even for those
> with minimal computer knowledge.  With widely available programs like Crack
> (UNIX), Crakerjack (DOS), and root_crack(DOS) anybody with a CPU >386 can
> crack the DES encryption with a bit of time.

Those programs you mention crack accounts file by guessing the actual
password, encrypting that with all the salts, and matching it to the
encrypted password.  Guesses of the password include permutations of
the user name, gecos, and a dictionary.  Unfortunately such attacks
often work.

Truly cracking a passwd file would take more than "a bit of time".  Or
maybe you're an extremely patient person.

Guy

Reply to:

References:
- Re: Isn't it a security hole...
  - From: gram@merece.uthscsa.edu (Gilbert Ramirez Jr.) (by way of Mike Wood <mike@okinternet.com>)

Prev by Date: Re: How do I get GATEWAY2000 PS/2 mouse to work ?
Next by Date: pine has long delay when sending mail via smail
Previous by thread: Re: Isn't it a security hole...
Next by thread: Re: Isn't it a security hole...
Index(es):
- Date
- Thread