Re: See what a weak password will get ya?

2004-07-24 Thread John Summerfield
Greg Folkert wrote: Apparently, the best is to replace crypt based passwords with RSA based, and use longer passwords. Actually, best actual reasonable password is: to not use one I've noticed that using Debian without a root password requires some work. I'm comfortable in _my_

Re: See what a weak password will get ya?

2004-07-24 Thread Jon Dowland
On Thu, 22 Jul 2004 17:42:53 -0500, Paul Stolp [EMAIL PROTECTED] wrote: ./t ./h2 rm -rf h2 k;./brk Has anyone grabbed these and checked to see what's inside them? -- Jon Dowland [EMAIL PROTECTED]

Re: cracking - Re: See what a weak password will get ya?

2004-07-23 Thread Alvin Oga
On Thu, 22 Jul 2004, s. keeling wrote: Incoming from Alvin Oga: - and hopefully, they don't have the passwd file from /etc/shadow to compare against Agreed. Once they're in, all bets are off. best to assume they are already in and sniffing .. 24x7 and work knowing they can

Re: See what a weak password will get ya?

2004-07-23 Thread Karsten M. Self
on Thu, Jul 22, 2004 at 07:24:01PM -0700, Scarletdown ([EMAIL PROTECTED]) wrote: Paul Stolp wrote: I checked in on some bittorrent progress today at lunch, noticed my I'm not sure the July 19 log snippet is related, but seems likely. Anyways, I've re-downloaded the files the attacker used and

Re: See what a weak password will get ya?

2004-07-23 Thread Joost De Cock
Quoting s. keeling [EMAIL PROTECTED]: Incoming from Scarletdown: An example of a good password (though since I'm posting it here, it can no longer be considered good) is: [EMAIL PROTECTED] I disagree. A cracking program is going to attempt to match permutations of dictionary words.

Re: See what a weak password will get ya?

2004-07-23 Thread Karsten M. Self
on Thu, Jul 22, 2004 at 11:02:11PM -0700, Karsten M. Self ([EMAIL PROTECTED]) wrote: on Thu, Jul 22, 2004 at 07:24:01PM -0700, Scarletdown ([EMAIL PROTECTED]) wrote: Paul Stolp wrote: I second that recommendation. I always prefer to have passwords with the following features:

Re: See what a weak password will get ya?

2004-07-23 Thread Justinas
On Fri, 23 Jul 2004 00:04:53 -0400 charlie derr [EMAIL PROTECTED] wrote: Paul Stolp wrote: * dircha [EMAIL PROTECTED] [2004-07-22 21:48]: Scarletdown wrote: | == K == X | == P Anyone else care to add to this little list? 0 == O $ == S |-| == H |_| == U |_ == L \/\/ ==

Re: See what a weak password will get ya?

2004-07-23 Thread Frank Gevaerts
On Thu, Jul 22, 2004 at 07:24:01PM -0700, Scarletdown wrote: I second that recommendation. I always prefer to have passwords with the following features: Minimum of 8 characters At least 1 capital letter At least 1 lower case letter At least 1 number At least 1 special character Except

Re: See what a weak password will get ya?

2004-07-23 Thread Tim Connors
Frank Gevaerts [EMAIL PROTECTED] said on Fri, 23 Jul 2004 10:44:34 +0200: On Thu, Jul 22, 2004 at 07:24:01PM -0700, Scarletdown wrote: I second that recommendation. I always prefer to have passwords with the following features: Minimum of 8 characters At least 1 capital letter At

Re: See what a weak password will get ya?

2004-07-23 Thread Paul Stolp
* Monique Y. Mudama [EMAIL PROTECTED] [2004-07-23 00:04]: I'd add the suggestion to not use obvious usernames like guest ... agree -- I will prob. replace this account name Btw, are you 100% sure they never managed to root you and replace some of your files? I wasn't 100% sure I wasn't

Re: See what a weak password will get ya?

2004-07-23 Thread Awais Ahmad
Hi, I haven't caught the start of this thread, but how can you be sure your core utilities have not been altered? Do you have a record of how they looked before the crack (a backup, MD5 sums etc, AIDE, Tripwire database)? IMO, you would really need to examine those binaries on another box against a

Re: See what a weak password will get ya?

2004-07-23 Thread Kirk Strauser
On Thursday 22 July 2004 17:42, Paul Stolp wrote: See what a weak password will get ya? No. I do, however, see what allowing password logins to an SSH server will get you. I could set my password to foo and you still aren't getting in without my RSA key (or Kerberos ticket). Oh, and

Re: See what a weak password will get ya?

2004-07-22 Thread Scarletdown
Paul Stolp wrote: I checked in on some bittorrent progress today at lunch, noticed my I'm not sure the July 19 log snippet is related, but seems likely. Anyways, I've re-downloaded the files the attacker used and removed (for posterity.) I changed all passwords, IP Address, I found the evidence at

Re: See what a weak password will get ya?

2004-07-22 Thread dircha
Scarletdown wrote: | == K == X | == P Anyone else care to add to this little list? 0 == O $ == S |-| == H |_| == U |_ == L \/\/ == W /\/\ == M |V| == M |\| == N |-o-| == tie fighter {-o-} == tie interceptor 8~~ ? 8-) ... ! --dircha

OT: Re: See what a weak password will get ya?

2004-07-22 Thread s. keeling
Incoming from Paul Stolp: I checked in on some bittorrent progress today at lunch, noticed my process monitor showing full activity. Ran top, saw user guest logged on, running 4 instances of a program named t, and short term load average over 4. AAGGGHHH! shutdown -h now ! pull network

Re: See what a weak password will get ya?

2004-07-22 Thread s. keeling
Incoming from Scarletdown: An example of a good password (though since I'm posting it here, it can no longer be considered good) is: [EMAIL PROTECTED] I disagree. A cracking program is going to attempt to match permutations of dictionary words. This will not add much more time to reach

Re: See what a weak password will get ya?

2004-07-22 Thread Chris Metzler
On Thu, 22 Jul 2004 17:42:53 -0500 Paul Stolp [EMAIL PROTECTED] wrote: I checked in on some bittorrent progress today at lunch, noticed my process monitor showing full activity. Ran top, saw user guest logged on, running 4 instances of a program named t, and short term load average over 4.

Re: See what a weak password will get ya?

2004-07-22 Thread Mathieu Ducharme
On July 22, 2004 10:59 pm, s. keeling wrote: Incoming from Scarletdown: An example of a good password (though since I'm posting it here, it can no longer be considered good) is: [EMAIL PROTECTED] I disagree. A cracking program is going to

Re: See what a weak password will get ya?

2004-07-22 Thread s. keeling
Incoming from Mathieu Ducharme: On July 22, 2004 10:59 pm, s. keeling wrote: Incoming from Scarletdown: An example of a good password (though since I'm posting it here, it can no longer be considered good) is: [EMAIL PROTECTED] I disagree. A cracking program is going to attempt

Re: See what a weak password will get ya?

2004-07-22 Thread Paul Stolp
* dircha [EMAIL PROTECTED] [2004-07-22 21:48]: Scarletdown wrote: | == K == X | == P Anyone else care to add to this little list? 0 == O $ == S |-| == H |_| == U |_ == L \/\/ == W /\/\ == M |V| == M |\| == N |-o-| == tie fighter {-o-} == tie interceptor Good plan, I need to

Re: OT: Re: See what a weak password will get ya?

2004-07-22 Thread Paul Stolp
* s. keeling [EMAIL PROTECTED] [2004-07-22 22:03]: Incoming from Paul Stolp: I checked in on some bittorrent progress today at lunch, noticed my process monitor showing full activity. Ran top, saw user guest logged on, running 4 instances of a program named t, and short term load average

Re: See what a weak password will get ya?

2004-07-22 Thread Paul Stolp
* Chris Metzler [EMAIL PROTECTED] [2004-07-22 22:18]: On Thu, 22 Jul 2004 17:42:53 -0500 Paul Stolp [EMAIL PROTECTED] wrote: shutdown -h now ! Believe it or not, this is often a bad idea. It's often easier to determine the scope of a compromise by watching the intruder for a little

Re: See what a weak password will get ya?

2004-07-22 Thread charlie derr
Paul Stolp wrote: * dircha [EMAIL PROTECTED] [2004-07-22 21:48]: Scarletdown wrote: | == K == X | == P Anyone else care to add to this little list? 0 == O $ == S |-| == H |_| == U |_ == L \/\/ == W /\/\ == M |V| == M |\| == N |-o-| == tie fighter {-o-} == tie interceptor Good plan, I need to

Re: OT: Re: See what a weak password will get ya?

2004-07-22 Thread s. keeling
Incoming from Paul Stolp: * s. keeling [EMAIL PROTECTED] [2004-07-22 22:03]: Incoming from Paul Stolp: look for damage, whew, I was O.K. -- I'm sure it helps to be up to date ... How did you manage to verify that? Are you running chkrootkit?

Re: See what a weak password will get ya?

2004-07-22 Thread Greg Folkert
On Thu, 2004-07-22 at 22:59, s. keeling wrote: Incoming from Scarletdown: An example of a good password (though since I'm posting it here, it can no longer be considered good) is: [EMAIL PROTECTED] I disagree. A cracking program is going to attempt to match permutations of

Re: See what a weak password will get ya?

2004-07-22 Thread Monique Y. Mudama
On 2004-07-22, Paul Stolp penned: Anyways, I've re-downloaded the files the attacker used and removed (for posterity.) I changed all passwords, IP Address, I found the evidence at about 12:24. Just wanted to share the need for strong passwords. I'd add the suggestion to not use obvious

Re: See what a weak password will get ya?

2004-07-22 Thread Tim Connors
Mathieu Ducharme [EMAIL PROTECTED] said on Thu, 22 Jul 2004 23:33:48 -0400: I'm pretty sure dictionary attacks also look for this. (?) Use other characters that will make the word absolutely not dictionary-related x[([EMAIL PROTECTED])~(w0rD)]x Still as easy to remember (longer to type

cracking - Re: See what a weak password will get ya?

2004-07-22 Thread Alvin Oga
On Thu, 22 Jul 2004, s. keeling wrote: I disagree. A cracking program is going to attempt to match permutations of dictionary words. This will not add much more time to ... how fast can a cracking system go thru dictionary words that are misspelled with various digits and special char

Re: cracking - Re: See what a weak password will get ya?

2004-07-22 Thread s. keeling
Incoming from Alvin Oga: - and hopefully, they don't have the passwd file from /etc/shadow to compare against Agreed. Once they're in, all bets are off. Why bother to crack if you can sniff? -- Any technology distinguishable from magic is insufficiently advanced. (*)