Re: Linux Password Cracking

From: Nico Kadel-Garcia (nkadel_at_verizon.net)
Date: 08/08/03

  • Next message: Felix Tilley: "I Need iptables scripts - Samples"
    Date: Fri, 08 Aug 2003 02:13:53 GMT
    
    

    Chris Cox wrote:
    > Wolfgang Fischer wrote:
    >
    >> On Wed, 06 Aug 2003 18:24:18 +0300, Timo Voipio wrote:
    >>
    >>
    >>> If there was a remote program to crack the box the box would be
    >>> insecure.
    >>
    >>
    >>
    >> You can try to login via telnet/ssh again and again to check thousands of
    >> passwords. However, this will only work with __very__ insecure passwords.
    >
    >
    > On any default config even, this will be a painfully slow process.
    > However, if you have... let's say... 10-15 years.. you can probably
    > crack one 6 character password or two.
    >
    > A reasonable secure config will start blocking by IP which could extend
    > the amount of time well into the 1,000's of years.

    Check the password "love". It's the most common password known to
    mankind, and still today very few sites actually run "crack" or other
    password checkers against their password file, especially for websites
    and FTP servers.


  • Next message: Felix Tilley: "I Need iptables scripts - Samples"