Guy Maor wrote:
>> Truly cracking a passwd file would take more than "a bit of time". Or
>> Maybe you're an extremely patient person.

It may take a while in general, but poor maintenance and naive password choice often lead to surprising results - besides, the increase in low-cost high-power CPUs is narrowing the gap. The following excerpt from 'How to improve the security of your site by breaking into it' by Dan Farmer and Wietse Venema illustrates this point:

---begin quote-----------------------------------------------------------
After receiving mail from a site that had been broken into from one of our systems, an investigation was started. In time, we found that the intruder was working from a list of ".com" (commercial) sites, looking for hosts with easy-to-steal password files. In this case, "easy-to-steal" referred to sites with a guessable NIS domainname and an accessible NIS server.

Not knowing how far the intruder had gotten, it looked like a good idea to warn the sites that were in fact vulnerable to password file theft. Of the 656 hosts in the intruder's hit list, 24 had easy-to-steal password files -- about one in twenty-five hosts! One third of these files contained at least one password-less account with an interactive shell.

With a grand total of 1594 password-file entries, a ten-minute run of a publicly-available password cracker (Crack) revealed more than 50 passwords, using nothing but a low-end Sun workstation. Another 40 passwords were found within the next 20 minutes; and a root password was found in just over an hour. The result after a few days of cracking: five root passwords found, 19 out of 24 password files (eighty percent) with at least one known password, and 259 of 1594 (one in six) passwords guessed.
---end quote-------------------------------------------------------------

Casper Boden-Cummins.