[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] [Mips] Are these Passwords Shadowed?
- Subject: Re: [cobalt-users] [Mips] Are these Passwords Shadowed?
- From: "James Hoaggs" <james_hoaggs@xxxxxxxxxx>
- Date: Sun Dec 3 18:59:01 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
---- "H.P. Stroebel" <hpstr@xxxxxxxxxxxxx> wrote:
> James Hoaggs schrieb:
>
> > 1) Are these passwords shadowed?
> > root:9E8yTJJJJJfdW:0:0:Root:/root:/bin/sh <changed some for >>>protection
>>admin:9E8yTJJJJJfdW:110:100:Administrator:/home/users/admin:/bin/bash
>
> no.
>
> > 2) If not, how does one go to shadow them. I can not find a /etc/shadow
> > file, and the /etc/passwd has these permissions:
> > -rw-r--r-- 1 root root 1311 Dec 1 04:04 passwd
[snip]
> for this reason, passwords are normally shadowed, as /etc/shadow does
> not have to be world readable.
> that makes it harder to gain the (encrypted) passwords >from /etc/passwd
> and to run a brute force dictionary attack against them.
Ok, since these passwords are not shadowed, then as other have mentioned,
the Qube2 should be used "for non-critical purposes and certainly (s)ould
not put any important data on it." I.E. not for a business, merely a
backdoor server for scriptkiddies, government hacks, bored cobalt employees,
and other luser market researchers to play and root around with?
--
James Hoaggs ICQ #96365505
james_hoaggs@xxxxxxxxxx - email
(408) 380-2271 x8024 - voicemail/fax
__________________________________________________
FREE voicemail, email, and fax...all in one place.
Sign Up Now! http://www.onebox.com