[100911] in RedHat Linux List

home help back first fref pref prev next nref lref last post

RE: Hacked! :(

daemon@ATHENA.MIT.EDU (UNIXMAN)
Mon Nov 23 19:36:51 1998

Date: Mon, 23 Nov 1998 19:45:37 -0500 (EST)
From: UNIXMAN <jzygmont@alpha.confederationc.on.ca>
To: "Soffen, Matthew" <msoffen@iso-ne.com>
Cc: redhat-list@redhat.com
In-Reply-To: <A17D93A46315D1118FF20020182ACFBB710539@msexchange.iso-ne.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com

which you need root access.


On Mon, 23 Nov 1998, Soffen, Matthew wrote:

> Even if you use shadow passwords, it can be broken.  All it takes is
> access to the shadow password file.
> Matthew Soffen - Webmaster http://www.iso-ne.com/
> 
> ISO New England
> 1 Sullivan Road
> Holyoke, MA 01040-2841
> (413) 535 8167
> ==============================================
> Boss    - "My boss says we need some eunuch programmers."
> Dilbert - "I think he means UNIX and I already know UNIX."
> Boss    - "Well, if the company nurse comes by, tell her I said 
>              never mind."
>                                        - Dilbert -
> ==============================================
> 
> > ----------
> > From: 	Ramon Gandia[SMTP:rfg@nook.net]
> > Sent: 	Saturday, November 21, 1998 3:53 PM
> > To: 	redhat-list@redhat.com
> > Subject: 	Re: Hacked! :(
> > 
> > UNIXMAN wrote:
> > > 
> > > did you se a password for root? <G>  How have they been breaking in
> > to
> > > your systems so easily?
> > 
> > A few ways that I can think of.
> > 
> > (1) Log in as a regular dial up user for FTP, and download
> >     /etc/passwd
> > 
> > (2) (harder) Log in as anonymous and download /etc/passwd.
> > 
> > (3) If he does not use shadow passwords, the /etc/passwd
> >     encryption is easy to break.
> > 
> > -- 
> > Ramon Gandia ==== Sysadmin ==== Nook Net ==== http://www.nook.net
> > 285 West First Avenue                                rfg@nook.net
> > P.O. Box 970                                    tel. 907-443-7575
> > Nome, Alaska 99762-0970 ======================= fax. 907-443-2487
> > 
> 
> 
> -- 
>   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> 		http://www.redhat.com http://archive.redhat.com
>          To unsubscribe: mail redhat-list-request@redhat.com with 
>                        "unsubscribe" as the Subject.
> 
> 


-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
		http://www.redhat.com http://archive.redhat.com
         To unsubscribe: mail redhat-list-request@redhat.com with 
                       "unsubscribe" as the Subject.
home help back first fref pref prev next nref lref last post