RE: [suse-security] Cracking passwd file on suse systems

5 Apr 2000


      Unfortunately so, a good reason to make every reasonable attempt to
stop the wrong people getting at the file in the first place........

Alan
...
----------
From: 	Carsten Schmitz[SMTP:c.schmitz@kps.de]
Sent: 	05 April 2000 12:47
To: 	suse-security@suse.com
Subject: 	Re: [suse-security] Cracking passwd file on suse systems
Hello...
...
...
I want to check the passwd-file for insecure passwords.
Is there a way to do this easily?
...
I think that SuSE carries in its distributions some tools for this, you
can
try "john the ripper" for example that i think comes directly with SuSE;
You
can search on www.linuxapps.com or another utility search engine anyway.
...
...
User just have pop-access to their accounts, no telnet, so forcing the
user
to change the password from time to time is not possible.
Thank you for your quick answer. Yes.. John the Ripper was the right
tool...
I was horrified how easily it finds out the passwords...
Greetings,
Carsten
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribe@suse.com
For additional commands, e-mail: suse-security-help@suse.com

Wood, Alan

tags

participants (1)