Michael A. Peters wrote:
On Sun, 2005-12-11 at 00:28 -0600, Jeff Vian wrote:
Besides, the password cracker is enough to confirm that no current
passwords and no existing account is 100% secure.
Fedora implements shadow.
If they did not get root, the presence of a passwd cracker is
meaningless - you need to have read access of the shadow file for the
cracker to do any good.
That's actually not true. I have (or create) a list of candidate
passwords and try them in turn.
Or I consult a dictionary of encrypted passwords and the passwords used
to create the encrypted password. Someone's in the process of creating
such a dictionary right now.
--
Cheers
John
-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
do not reply off-list
