Are the password still 8 character significant for the crypt() function, or has Linux changed this?
Thanks for your response. Dave > > When webmin is running, it is bound to port 10000 since webmin uses its own > 128bit > certificate for encryption, its very safe, no passwords get passed in clear > txt and > its rather difficult to run a brute force password script on a web based > admin program. > if your passwords are up to the task, you will be fine.. (all my passwords > are at least > 11 characters long and contains small chars, CAPS chars, numbers4321 and > symboles!@@#@!! > > Since I started using no non non encrypted services, started using long > passwords for stuff.. > (in fact, usernames that need to be there and have a log in, but don't log > in as a person (ie having to type in a password), have passwords up to 50 > characters long, I type them in a txt editor, usually they are complete > giberish > and cut and paste them into the passwd screen) I have never been > compromised. > > so Webmin will fine if used hand in hand with a decent password policy.. > > > rgds > > Frank > > > > > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > [EMAIL PROTECTED] > Sent: Monday, 19 November 2001 5:08 PM > To: [EMAIL PROTECTED] > Subject: [expert] Webmin > > > Hi All, > > How secure is webmin, I know that is uses a https server, but I need > to administer a machine remotely. The MDK 8 box has bastille loaded > and currently all ports except ssh, are bolted down. How safe would it > be for me to allow the port 10000 for webmin. Is this good or is there > some real threats associated with this. Webmin is already installed > and is used accross the SOHO network...it's just an issue of opening > the WEB side access. > > TIA > Dave. > > ----------------------------------------------------------------- > This message was sent via the web interface to > Sniff Out's POP3 Email - http://www.sniffout.net/ > > > > > > ----------------------------------------------------------------- This message was sent via the web interface to Sniff Out's POP3 Email - http://www.sniffout.net/
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
