[3768] in bugtraq

Re: Weakness in some linux versions of adduser.

daemon@ATHENA.MIT.EDU (Adam Powers)
Mon Dec 9 03:50:35 1996

Date:         Sun, 8 Dec 1996 22:55:14 -0800
Reply-To: Adam Powers <adpowers@tuba.aix.calpoly.edu>
From: Adam Powers <adpowers@tuba.aix.calpoly.edu>
X-To:         Dan Merillat <Dan@Merillat.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To:  <Pine.LNX.3.95.961208223715.320E-100000@chaos.ao.net>

> Comments?  I would like to see some statistics from some larger sites...
> I just used cut and uniq -c on the password file to generate these, if someone
> wants to do some better statistical analysis I would appreciate their
> findings.

i noticed this some time ago when i wrote a password cracking program
that used a hash file to look up the accounts to compare encryptions.
(where the salt was used as the key.) i resolved hash collisions by chaining,
and wrote a quick check to see how long my chains ended up being. for my site
(calpoly.edu) with 20,000 accounts (password file approx. 2 megs) i
noticed a rather large chain (1000+ entries). moreover, i noticed that
all the hashes were grouped near the middle. eg- there were about 300
blank entries, then about 1000 full entries, and the rest were blank.
(i don't know how close those numbers are.) it appeared to be some kind
of inverse bell curve.. any ideas for that one? :)

-A
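
An added example, not part of either post: a salt-distribution audit of the kind both messages describe (accounts counted per salt, with the largest bucket reported), run over a password file in passwd format. It assumes traditional 13-character DES crypt(3) entries whose first two characters are the salt; the function names and the sample accounts are constructed for illustration.

```python
import re
from collections import Counter

# Assumption: traditional DES crypt(3) field, 13 chars, first two are the salt.
DES_CRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")
SALT_SPACE = 64 * 64  # 4096 possible two-character salts


def salt_histogram(passwd_lines):
    """Count accounts per salt, skipping locked, empty or shadowed fields."""
    counts = Counter()
    for line in passwd_lines:
        fields = line.rstrip("\n").split(":")
        if len(fields) >= 2 and DES_CRYPT.match(fields[1]):
            counts[fields[1][:2]] += 1
    return counts


def salt_report(counts):
    """Summarise how evenly the observed salts cover the 4096 possible values."""
    total = sum(counts.values())
    if total == 0:
        return {"accounts": 0, "distinct": 0, "largest": None,
                "largest_share": 0.0, "chi2": 0.0}
    expected = total / SALT_SPACE
    # Pearson chi-square against a uniform draw of salts.
    chi2 = sum((n - expected) ** 2 / expected for n in counts.values())
    chi2 += (SALT_SPACE - len(counts)) * expected  # salts never seen
    salt, n = counts.most_common(1)[0]
    return {"accounts": total, "distinct": len(counts), "largest": salt,
            "largest_share": n / total, "chi2": chi2}


# Constructed sample, not real accounts: six hashed entries (four share one
# salt), plus one locked and one shadowed entry that must be ignored.
SAMPLE = [
    f"user{i}:{salt}{'A' * 11}:{1000 + i}:100::/home/user{i}:/bin/sh"
    for i, salt in enumerate(["ab", "ab", "ab", "ab", "x9", "./"])
] + ["locked:*:2000:100::/home/locked:/bin/sh",
     "shadowed:x:2001:100::/home/shadowed:/bin/sh"]

if __name__ == "__main__":
    report = salt_report(salt_histogram(SAMPLE))
    # With uniformly drawn salts the expected chi2 is 4095 (degrees of
    # freedom); a value far above that means the salts are clustered.
    for key, value in report.items():
        print(f"{key}: {value}")
```
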
