Linas Žvirblis wrote:
John's one, but there are any number of other network security tools that could have been employed. This is what they're for, - to establish the existence of weak passwords so that they can be rectified.Brent Clark wrote:My question is, how would they go about that? What tools or tests were needed to test whether an account has a strong or weak password.You should consult John the Ripper. He is likely to be found in "john" package, although I do not know if this particular tool was used.
I find it hard to believe that a developer would be that slack, though.If they are that pathetic in regard to compromising Debian servers, they need a kick up the arse.
Sure of your info? Regards,