OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: RE: [suse-security] Cracking passwd file on suse systems
From: Wood, Alan (alan.woodadmiralplc.com)
Date: Wed Apr 05 2000 - 08:24:09 CDT

Unfortunately so, a good reason to make every reasonable attempt to
stop the wrong people getting at the file in the first place........

Alan

> ----------
> From: Carsten Schmitz[SMTP:c.schmitzkps.de]
> Sent: 05 April 2000 12:47
> To: suse-securitysuse.com
> Subject: Re: [suse-security] Cracking passwd file on suse systems
>
> Hello...
>
> >>
> >> I want to check the passwd-file for insecure passwords.
> >> Is there a way to do this easily?
>
> > I think that SuSE carries in its distributions some tools for this, you
> > can
> > try "john the ripper" for example that i think comes directly with SuSE;
> > You
> > can search on www.linuxapps.com or another utility search engine anyway.
>
> >> User just have pop-access to their accounts, no telnet, so forcing the
> >> user
> >> to change the password from time to time is not possible.
>
>
> Thank you for your quick answer. Yes.. John the Ripper was the right
> tool...
> I was horrified how easily it finds out the passwords...
>
> Greetings,
>
> Carsten
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribesuse.com
> For additional commands, e-mail: suse-security-helpsuse.com
>

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com