Re: On passwords, securtiy and real -sweat, blook and tears- life

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A.J. Bonnema wrote:

Hi all,
A common problem with passwords are their guessabilty (yes, as a non-native English speaker, I too make up words.....). For instance, even though I have taught my daughter to not use dictionary words, names etc, her password for one of the online accounts got hijacked. What happened was, she used: _____ (five underscores) as a password: arghghgh.
But it did make me think again about the security of my home network. Unfortunately most passwords are dictionary words, that are easy to guess using f.i. the john password guesser program, combined with numbers and if you are lucky a special charactor or two. 

What I wonder about is the following:
* given that all ports are closed to external contact through a physical allbeit consumer oriented firewall, just means I am safe for port-scanners. But does it mean that I am safe from cracker systems / programs? Is there a way to break in, without allowing external contact through one of the ports? (not including trojans and the like).
* A second issue is: suppose I would force my family to use really random passwords (like characters picked from a one-time pad). And now suppose I lose my root-password: would I be able to rectify this, without destroying the data? 

Guus.
apg ("yum install apg" should do the trick I would think) will help generate (relatively?) secure passwords, and by default will generate some that are least somewhat easy to remember though should be very difficult to guess attack. 

Try running it with the following command:

apg -M SNCL -r /usr/share/dict/words

which generates output something like this:

Kam5quon!
2FrijibIb]
er7Oddus`
Un'blahij1
tru~Glac2
3Odnirs%
My guess is that any of the above should be reasonably secure and *not too* difficult to remember.
With local access to the machine you should be able to boot into... into... some kind of root/superuser mode should the need arise. Fortunately I have not had to do so for several years. Unfortunately, I do not remember how...
I cannot speak to the firewall/gateway appliance you are using -- I have been using OpenBSD on an old workstation with a few NICs as my firewall/gateway for several years now. Sorry, not trying to start problems here -- this is something we did years ago at an old employer of mine after experiencing problems with several off-the-shelf type firewall/gateway appliances. 

Good luck,

Joe
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux