Hi, On Sun Nov 11, 2012 at 18:55:07 -0800, Jamie M wrote: > Just noticed an unfamiliar file in my Debian Squeeze: is called > "john" found in cron.d. > > Does anyone know if this is a security risk, when all of a sudden I > notice this file? > > Thank you and anything anyone can add is appreciated.
zobel@kvasir:~% apt-cache show john Package: john Version: 1.7.8-1 Installed-Size: 472 Maintainer: Ruben Molina <[email protected]> Architecture: amd64 Depends: libc6 (>= 2.7), john-data (= 1.7.8-1) Suggests: wordlist Description-en: active password cracking tool John the Ripper is a tool designed to help systems administrators to find weak (easy to guess or crack through brute force) passwords, and even automatically mail users warning them about it, if it is desired. . Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. Homepage: http://www.openwall.com/john/ Description-md5: 2ffcaf0da9fa0a8266bfe4aa906d4742 Tag: implemented-in::c, interface::commandline, role::program, scope::utility, security::authentication, use::checking Section: admin Priority: optional Filename: pool/main/j/john/john_1.7.8-1_amd64.deb Size: 193790 MD5sum: fe6f0bdb3fce58fcaef0f8cdb91df830 SHA1: c2395aff823d084a4718bcd82b10e5839e56dfc9 SHA256: d502de8591d908c9f62a666fa17d96b25691f0d03295422a0d9aa9ec481e7f07 -- Martin Zobel-Helas <[email protected]> | Debian System Administrator Debian & GNU/Linux Developer | Debian Listmaster GPG key http://go.debian.net/B11B627B | Debian Webmaster GPG Fingerprint: 6B18 5642 8E41 EC89 3D5D BDBB 53B1 AC6D B11B 627B -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
