Re: New article on SecurityFocus: John the Ripper creator interview
- From: "Justin Ferguson" <jnferguson@xxxxxxxxx>
- Date: Tue, 14 Mar 2006 01:12:42 -0800
It greatly disapoints me to see Solar mainly remembered for this
program instead of all the breakthroughs and innovations he has
accomplished. While it is nice to honor him with an article about
john, let us not be unmindful that he pioneered the heap overflow as
many of us know it (or rather the unlink() technique, but he opened
pandora's box), or the non-exec stack patches, or openwall linux, or
all of his hard work on pam modules and so on.
It would have been nice to see some of that mentioned in his interview
somewhere, people tend to forget that john the ripper was just a small
piece of this mans work.
On 2/22/06, Erin Carroll <amoeba@xxxxxxxxxxxxxx> wrote:
John the Ripper 1.7, by Solar Designer
interview by Federico Biancuzzi
2006-02-22
Federico Biancuzzi interviews Solar Designer, creator of the popular John
the Ripper password cracker. Solar Designer discusses what's new in version
1.7, the advantages of popular cryptographic hashes, the relative speed at
which many passwords can now be cracked, and how one can choose strong
passphrases (forget passwords) that are harder to break.
http://www.securityfocus.com/columnists/388
--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball"
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 268.0.0/267 - Release Date: 2/22/2006
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@xxxxxxxxxx
------------------------------------------------------------------------------
- Prev by Date: RE: SGS 5400 firewalls
- Next by Date: Pentest IIS Webserver
- Previous by thread: CSS dangers with XSS?
- Next by thread: Pentest IIS Webserver
- Index(es):
Relevant Pages
|
