Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 19 Feb 1996 03:52:23 -0500 (EST)
From:      -=WireHead=- <timothy.butkiewicz@wmich.edu>
To:        "Andre' Carvalho" <Andre.Carvalho@megamedia.pt>
Cc:        "'questions@freebsd.org'" <questions@freebsd.org>
Subject:   Re: Crack freeBSD password file
Message-ID:  <Pine.PMDF.3.91.960219034804.677885690A-100000@wmich.edu>
In-Reply-To: <01BAFE2F.2B225BE0@pc24.megamedia.pt>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 18 Feb 1996, Andre' Carvalho wrote:

> I would like to know if I can use a program like "crack" to try to break my users' passwords. This is very important because I do not want to have security holes in this machine.
> 
> I tried a lot, but it says that the crypt() function is not standard and that the encrypted passwords are too long.
> 

I am lead to believe not.... FreeBSD uses shadow passwords which Crack 
(v4) doesn't handle very well.
The scheme if you are using DES encryption (though don't know if US is 
friendly to you in that way) is to use the libcrypt option. It is a 
replacement for crypt.

Other security tools include strobe..cops (good to run daily on a cron basis)
Cops is Great in that it checks a bunch o' things not just password 
security...

You can get these at Coast.cs.purdue.edu
(which happens to be a clearing house for security shit. Like CERT 
warnings, announcements and a bunch of tools.)

Also try the 2600 FAQ there are some "cracks" in there that are the ones 
most "crackers" will try anyway! :)

-Timothy





--Is It Live .. or Is It Mimecon--



+-----------------------> *)(*     WireHead      *)(* <-----------------------+
|Feed the NOiSe in2 the .SYS                                fone: 616.349.8044|
|Please end destructive                                 system_X: 616.373.6680|
|       nuclear testing                          http://arbornet.org/~wirehead|
| ! PGP Key available upon request. !                 eMail:wirehead@pobox.com|
[<*>]--------------------------------[<*>]--------------------------------[<*>]




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.PMDF.3.91.960219034804.677885690A-100000>