[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] How to check your Password File for shadowing
- Subject: [cobalt-users] How to check your Password File for shadowing
- From: "Franklin S. Werren" <fswerren@xxxxxxxxxxxx>
- Date: Wed Oct 4 10:29:02 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Hi All
there are 2 ways to look at this file
The easy way is ftp in as admin
go to /etc directory
find the "passwd" file
look at it, I use the view command in ws-ftp
or d/l it and use notepad
look at the second field from the left
root:*:0:0 ect.... for shadowed password file
root:efifgdsi6rgt:0:0 ... ect for un-shadow password
If a cracker get ahold of a un-shadowed password file
there is a good chance that a command line program
called John The Ripper can un-encript the encripted
password file.
Also see if you can ftp in as a user and see if you can get into the /etc
directory
How to in Telnet
log in as admin
cd /etc
pico passwd
The rest is the same as ftp
also try to telnet in as a user and see if you can see the file.
I found that a RAQ3 is shadowed but a RAQ 1 is not,
just like my Qube 2
Because I am using a router, Linksys DSL Cable router
I did not open the telnet and ftp ports to the net..
I do not need those ports open, I admin it from the lan not from the net.
Franklin S. Werren, webmaster@xxxxxxxxxxxx www.bagpipes.net
Modem Madness Ringmaster at www.madbbs.com/webring/
ICQ 8556386 or fswerren46 on AOL's IM or fswerren46 for MSN Messenger
Frank's Radio, P.O. Box 990, Sherman NY 14781-0990
www.franksradio.net
For the best ISP in Chautauqua County NY and North West Pa
go to www.madbbs.com They treat you right.