Thornton Prime wrote:
>
> On Wed, 4 Apr 2001, David Talkington wrote:
>
> > Sure. If I had root on your system and wanted your passwords, it'd be
> > a whole lot easier to capture your keystrokes and upload your
> > passwords than it would be to upload your shadow file and run a
> > cracker on it.
>
> Most bad people will probably do both ... grab your passwords with a
> trojan'ed login and grab your shadow file and get more.
>
> Weak passwords are usually cracked in the first 20 minutes with my
> hardware. I can crack moderately strong ones in under 24 hours. The effort
> is well worth it if you have plenty of CPU time on owned machines and if
> you consider the fact that most folks use the same password for many
> different things.
>
> Usually when I go through this exercise, I crack the CFO's password in 10
> minutes or less, the CEO in under and hour and most of the executive
> assistants in the company within 24 hours. Basically within 24 hours I've
> demonstrated that I can get access to any information I want with a simple
> automated crack.
>
> BTW. Don't ever crack passwords without permission. It's illegal. Some
> people don't like it either.
Not some. ALOT!
CH
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
