[plug] Is Red hat truly flawed?
Leon Brooks
leon at brooks.smileys.net
Tue May 2 14:27:58 WST 2000
Christian wrote:
> console access is hard to defend
> against when faced with severe threats.
chmod 600 /etc/lilo.conf
ed /etc/lilo.conf <<EOF
i
password=g0bbl3dyg00k
restricted
.
w
q
EOF
lilo -v
End of problem.
>> So he got the password file... and???? any site that maintains normal
>> password checking (running your own password files thru crack might be a
>> good idea) means that brute force dictionary attacks are rendered virtually
>> useless...
Normal sites don't. When I run John the Ripper at ISPs I visit, more
than a third of passwords fall out within about 20 seconds.
> It's a pity that bcrypt hasn't been
> ported to Linux.
MD5 has, and does a wizard job.
--
Dogs have masters. Cats have staff.
More information about the plug
mailing list