lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3F5715BA.2090300@snosoft.com>
From: dotslash at snosoft.com (KF)
Subject: SMC Router safe Login in plaintext

as opposed to a plaintext password file... yes. IF someone were to crack 
into their dialup server sure a few passwords are only a john the ripper 
attack away... but that is certainly better than a raw text file with 
all clear text. Besides that if someone were to crack their dialup 
server they have a few more things to worry about than someone running 
john on their passwd.
-KF


Jeremiah Cornelius wrote:
>>I know when I worked for an ISP it was certainly not 
>>like that... their system ran off some sort of unix 
>>box using pppd. All their passwords were in 
>>etc/passwd and shadow with the rest of em.
> 
> 
> /etc/shadow scales that well?  Yow!
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ