
Re: is it rational to close the 139 port



On 7/30/2012 5:14 AM, Henrique de Moraes Holschuh wrote:

> You need to have gibberish passphrases if you want it to be secure...

Gibberish implies one wouldn't be able to remember the password/phrase.
 What you want is something recognizable to you but gibberish to all
others.  I've been using such passwords for years.  The creation
methodology is simple.

Take a couple or few short acronyms familiar to you but obscure to the
general population.  Inject numbers associated with the things the
acronyms identify.  Use case variation on the alpha portions.  Then add
a special character to the front and rear, and some padding characters
to increase length, as length is ultimately the key to unguessable
passwords.  For example:

...@AsCi6144Bm#---

That's 18 characters, not unwieldy, nor hard to remember, if you know
what the component parts are and the special character and padding
policies.  Looks like complete gibberish yes?

According to https://www.grc.com/haystack.htm it will take *1.28
trillion centuries* at one hundred trillion guesses/second to brute
force guess this password.

At http://www.passwordmeter.com/ it gets a 100% score and very strong
complexity rating, although you can achieve this with this tool using a
much less complex password.

-- 
Stan
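
Added example, not part of the original message: the exhaustive-search arithmetic behind a figure like the one quoted above. It assumes a 95-character printable-ASCII alphabet, counts every string up to the password's length, and describes the worst case for blind guessing only. The function names and the comparison with the padding stripped are this example's own.

```python
import string

# Character classes of printable ASCII: 26 + 26 + 10 + 33 = 95 characters.
CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation + " "),
}
SECONDS_PER_CENTURY = 100 * 365.25 * 24 * 3600


def alphabet_size(password):
    """Sum the sizes of every character class the password draws from."""
    known = set().union(*CLASSES.values())
    if not password or not set(password) <= known:
        raise ValueError("empty or non-printable-ASCII input; model does not cover it")
    return sum(len(chars) for chars in CLASSES.values() if set(password) & chars)


def search_space(password):
    """Number of strings of length 1..len(password) over that alphabet."""
    a = alphabet_size(password)
    return sum(a ** n for n in range(1, len(password) + 1))


def centuries_to_exhaust(password, guesses_per_second):
    """Worst-case time for a blind exhaustive search, in centuries."""
    return search_space(password) / guesses_per_second / SECONDS_PER_CENTURY


if __name__ == "__main__":
    rate = 1e14                      # one hundred trillion guesses/second
    full = "...@AsCi6144Bm#---"      # the example password from the message
    core = full.strip(".-")          # same password without the padding
    for label, pw in (("with padding", full), ("without padding", core)):
        print(f"{label:16} length={len(pw):2} alphabet={alphabet_size(pw)} "
              f"centuries={centuries_to_exhaust(pw, rate):.3g}")
```

The second line of output shows how much of the total comes from the six padding characters rather than from the acronym-and-number core.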

