From owner-freebsd-security Fri Aug 2 22:13:48 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA27453 for security-outgoing; Fri, 2 Aug 1996 22:13:48 -0700 (PDT)
Received: from kdat.calpoly.edu (kdat.csc.calpoly.edu [129.65.54.101]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id WAA27448 for ; Fri, 2 Aug 1996 22:13:47 -0700 (PDT)
Received: (from nlawson@localhost) by kdat.calpoly.edu (8.6.12/N8) id WAA02366; Fri, 2 Aug 1996 22:13:34 -0700
From: Nathan Lawson
Message-Id: <199608030513.WAA02366@kdat.calpoly.edu>
Subject: Re: Crack 4.1 patches for FBSD
To: brandon@tombstone.sunrem.com (Brandon Gillespie)
Date: Fri, 2 Aug 1996 22:13:34 -0700 (PDT)
Cc: freebsd-security@freebsd.org
In-Reply-To: from "Brandon Gillespie" at Jul 29, 96 04:56:30 pm
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> > Make a VERY slow crypt with very long output. Something
> > in the order of 10s of seconds on a P6/200. It is of
> > course annoying that things take that long, but dictionaries
> > would be practically impossible.
>
> As long as the sleep is optional, and can be enabled/disabled with a
> simple command (hooked into sysconfig). On some systems I would likely
> enable it, but on most (like my workstation) I could frankly care less--I
> feel secure enough in my local net from system to system (i.e. each system
> is rather isolated), and the huge login times would simply get irritating
> quickly.

Unfortunately, a sleep would be inadequate against a dictionary attack. The actual algorithm (and hence the garbled password) would have to depend on a number of iterations sufficient to discourage this attack. Being able to disable it and still use the same crypt would add no additional security.

I'm actually interested in a 'secure' release of FreeBSD, with daemons not running as root, no complicated mailers, few to no setuid binaries -- in essence, what I do to my FreeBSD systems as soon as I install them. Unfortunately, I have recently started a very demanding job and do not have the time to contribute to such a project. My apologies.

-- 
Nate Lawson                "There are a thousand hacking at the branches of
CPE Senior                  evil to one who is striking at the root."
CSL Admin                        -- Henry David Thoreau, 'Walden', 1854
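The distinction Nate draws above, as an added example that is not part of the thread: a sleep in the login path leaves the stored hash unchanged, so an offline dictionary run never pays for it, whereas an iteration count folded into the algorithm and recorded alongside the hash cannot be switched off by whoever holds the password file. PBKDF2-HMAC-SHA256 and the `$scheme$rounds$salt$digest` storage layout are assumptions chosen for illustration, not what the 1996 discussion proposed.

```python
# Added example (not from the mailing-list thread): contrasts a login-time
# sleep, which an offline dictionary attack simply skips, with a hash whose
# cost is part of the stored result (the "number of iterations" Nate means).
import hashlib
import hmac
import time

SALT = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")  # constructed sample salt


def sleep_crypt(password: str, salt: bytes, delay_s: float = 0.0) -> bytes:
    """One SHA-256 pass; the delay lives in the login program, not the hash.
    The stored digest is identical whether delay_s is 0 or 30 seconds, so an
    attacker hashing a wordlist offline never pays the delay."""
    time.sleep(delay_s)
    return hashlib.sha256(salt + password.encode()).digest()


def iterated_crypt(password: str, salt: bytes, rounds: int) -> str:
    """Cost built into the algorithm: PBKDF2-HMAC-SHA256 with `rounds`
    iterations. The round count is encoded in the stored string so that
    verification uses the same cost, and a lower count yields a different
    digest rather than a cheaper path to the same one."""
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return f"$pbkdf2-sha256${rounds}${salt.hex()}${dk.hex()}"


def verify_iterated(password: str, stored: str) -> bool:
    """Parse rounds and salt out of the stored string and recompute."""
    _, scheme, rounds, salt_hex, dk_hex = stored.split("$")
    if scheme != "pbkdf2-sha256":
        raise ValueError("unknown scheme")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), dk_hex)


def delay_is_in_hash() -> bool:
    """False: changing the sleep leaves sleep_crypt's digest unchanged."""
    return sleep_crypt("hunter2", SALT, 0.0) != sleep_crypt("hunter2", SALT, 0.01)


def rounds_are_in_hash() -> bool:
    """True: a different round count gives a different iterated_crypt digest."""
    return iterated_crypt("hunter2", SALT, 1000) != iterated_crypt("hunter2", SALT, 2000)
```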