unautherized access to unix systems?

From: Lord Slobber (lordslobber@yahoo.com)
Date: 01/17/03


From: lordslobber@yahoo.com (Lord Slobber)
Date: 16 Jan 2003 16:25:19 -0800

Say, that a hacker has picked a unix system as a target. Now he wants
to get inside the system so what will he do?
he'll usually try and get a user account. The hacker will probably try
to get the password file so he can crack the passwords. But what if
the /etc/passwd is shadowed? how can he get an account then?
I would like to have a discussion about the ways a hacker can enter a
unix system.
Here are some of my ideas:
the phf technique(mostly never works) mostly the passwd file is
shadowed.
If it's a shell account provider buy a user account or get a guest
account.
thanks.