Devrim GUNDUZ wrote: > Hi, > > On Sal, 2002-12-31 at 19:38, Tom Lane wrote: > > > > This is not a cracker, this is just a brute-force "try all possible > > passwords" search program (and a pretty simplistic one at that). > > Ah, you're right. > > > I'd say all this proves is the importance of choosing a good password. > > Using only lowercase letters is a *bad* idea, especially if you're only > > going to use five of 'em... > > I had no time to search throug the code; but as far as I understood, it > *attacks* the database servers with TCP/IP on, right?
It sniffs the packets going over the wire, so it can only be internet sockets, not unix domain sockets (both use tcp/ip). They basically sniff the text we send, and try passwords until the result matches the successful reply the client sent. -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
