[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] How to check your Password File
- Subject: Re: [cobalt-users] How to check your Password File
- From: Rod Todd <rodd_todd_1999@xxxxxxxxx>
- Date: Thu Oct 5 13:32:02 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> > Um, none of them are shadowed (maybe
/etc/passwd.OLD),
Ok, that's what we were thinking; how do we shadow
them?
and you
really
> > shouldn't post your password files to a public
list.
I'm not too worried; we are not connected to the Net.
I am more interested in shadowing the passwords on the
box so we don't get in legal troubles like the ISP in
NY.
If I were a
bad
> > person, I would now know where you are (from the
email headers),
user names
> > for password guessing, and have data that I could
feed to password
cracking
> > programs.
If our passwords are not shadowed, all someone has to
do is get a user account, and view the files just like
I did, right? Again, I would appreciate input on how
to shadow passwords on the Cobalts. Thanks for the
concern though; hackers are going to get to our site
anyways once we get on the net; at least I'm trying to
make it more difficult.
>
>So, why not tell everybody that, just in case they
hadn't worked it
out
>for themselves, and make sure to include the raw data
in case anyone
missed
>it first time round?
>
>Oh, you just did.
>
>--
>Dom.
My apologies for the disclosure, I forget what
information is common
knowledge and what might take five minutes of research
to uncover.
You are correct -- I should have snipped his data from
my reply.
Peter
__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/