From: “Douglas R. Floyd” <dfloyd@IO.COM>
To: snow@smoke.suba.com (snow)
Message Hash: c3b4f1c2bd8d37ff6ece3edd54373370658c4e3dfbc1547f72903fdaf888daff
Message ID: <199607240114.UAA03230@pentagon.io.com>
Reply To: <Pine.LNX.3.93.960723131530.1031B-100000@smoke.suba.com>
UTC Datetime: 1996-07-24 12:14:53 UTC
Raw Date: Wed, 24 Jul 1996 20:14:53 +0800
From: "Douglas R. Floyd" <dfloyd@IO.COM>
Date: Wed, 24 Jul 1996 20:14:53 +0800
To: snow@smoke.suba.com (snow)
Subject: Re: Decrypt Unix Password File
In-Reply-To: <Pine.LNX.3.93.960723131530.1031B-100000@smoke.suba.com>
Message-ID: <199607240114.UAA03230@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain
>
> On Tue, 23 Jul 1996, Dr.Dimitri Vulis KOTM wrote:
> > Jerome Tan <jti@i-manila.com.ph> writes:
> > > How can I decrypt Unix password file?
> > There are many programs that do this, e.g., look for 'crack'.
> > This attack can be made more difficult if you force your users not to use
> > easy-to-guess passwords, and if you use something like NIS and shadowing to
> > make the public part of the passwords harder to get.
>
> From my conversations with Mr. Tan, he seems to be a high school
> bent of mischeif. He is the one who asked about penetating firewalls,
> and now wants to know how to hack a unix passwd file.
>
> Now, I am not philosophically opposed to hacking, unless you are doing
> it to a machine that I am responsible for, (in which case you'd better hope
> the FBI finds you before I do) but I don't think that it would be a good
> idea to just give him the information. He would wind up getting caught all
> too easily, and might point to this list as a source of information on
> cracking techniques.
Just what they want, anyway -- make cypherpunks look like villins.
>
> I don't know if this should go to the whole list, so you can
> bounce it there if you think it proper.
I think you used your judgement well in this case.
There are many places to start learning about firewalls and UNIX security.
I recommend the _Building Internet Firewalls_ O'reilly book, as well as
_Practical UNIX & Internet Security_ as well. I don't feel right about
spoon feeding cracking info to someone like this.
(PS: The animal on the _Building Internet Firewalls_ book is hidden
behind the gates. It is a Trojan Horse. I heard this secondhand.)
>
> Petro, Christopher C.
> petro@suba.com <prefered for any non-list stuff>
> snow@smoke.suba.com
>
Return to July 1996
Return to “snow <snow@smoke.suba.com>”