On Mon, 2004-06-14 at 19:59, T. 'Nifty New Hat' Mitchell wrote: > a) Make sure that all the accounts on the machine have good pass words. > Avoid running as root. > Just to add something to Tom's advice: grab "john" from fedora.us (stable repository) and use it to try to crack the passwords.. From my personal experience , john has a hard time trying to crack good passwords.. And for simple ones (like passwords based on the user's name or only number based passwords) are cracked very fast. Just a warning though: warn all the users that you'll be trying to crack their passwords and explain the reasons. This way they'll know that you're doing this for their own protection.... We've had some problems here because some users werent warned about it (they didnt go to the lecture about our security policy) and had their accounts blocked because they didnt change the password within 48 hours after being contacted by e-mail. -- Pedro Macedo
