> -----Original Message-----
> From: Kevin Tarr [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 15, 2002 3:07 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Win 98 Registry
>
>
> I have two seperate questions, the first may relate to Ronn's
> problems.
> 1. Over the last year my niece and nephew have gone through four hard
> drives. These were name brand, WD, store bought hard drives.
> Two of the
> failures were instantanious, two built up over weeks until it
> was obvious
> that something was wrong. Is there any notices about hard
> drive failures?
> The real question: what do you experts do to look ahead for
> problems? I know
> I can't get teenagers to do any weekly checks, but could
> these problems been
> avoided?
Self-Monitoring, Analysis, and Reporting Technology or S.M.A.R.T. This is
supposed to predict a crash. This feature is built into most new
motherboards. Each drive manufacturer may have a set of utilities that can
run in the background, silently monitoring the health of the drives.
>
> 2. From Alberto's message, I was wondering about something.
> From the little
> work I did with NT, it seemed like passwords were hidden. If
> a user lost or
> forgot his password, the only thing a sysadmin could do is
> reset the users
> system, the user had to input a new password. The sysadmin
> couldn't see what
> the actual password was. I take it that this is not true accross all
> systems? Obviously if I lost my password for Amazon.com, it could be
> e-mailed to me, but I just figured that some hidden mechanism
> was involved
> in this. My password was kept on the system but no person
> other than me
> could see it. Just wondering.
Most passwords are hidden, meaning that it is protected either by a hashing
routine or encryption - but it depends on the vendor. Some web sites may
store this info in cookies, others use a hashing or encryption to hide the
password.
NT is very secure in this respect, and can be set to extremely high levels
of security.
It is true that a sys admin can only reset a password to something else, not
see what it is.
Amazon stores your password on its server in a database, but since the
transmission is encrypted this takes the place of hiding the password.
BTW - At work here, one of the developers created a input/output box, where
you type in a password, and it give you a hash of the password. I cracked it
within an hour with a calculator and paper and pencil, and handed it back to
him. The point is that vendors may say your password is safe, but there is
no mechanism to enforce good practices.
Nerd From Hell
> Kevin T.
>
>
