Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Linux
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

A question about passwords and login/authentication

from [Roman L. Daszczyszak II] Network Security [Permanent Link]
Subject: A question about passwords and login/authentication
Date: Wed, 09 Mar 2005 14:57:17 -0600 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have heard that many *nix flavors used to default to using DES as
their password storage algorithm, but recently many Linux flavors tend
to use MD5 hashes instead, which are more secure to brute force attacks.

What I'm wondering is how long can a Linux password be?  Can it use
extended characters (like Windows Alt-# feature) in it's passwords and
if so, how do you use them (aka if they aren't on the keyboard)?

Additionally I have heard that an MD5 hash has no limit to the amount it
can hash (iow an unlimited length password) but somewhere in the Linux
authentication it is set to a length of 256.  What imposes this length
of password?

Lastly, in communicating with a Windows XP/2000 box using SAMBA and
Windows File sharing, how does one determine whether the password being
sent across the network is encrypted and not plain text?

Any information you can provide (and references to back it up) would be
very helpful; thank you.

Roman
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCL2MtszjStpsfjf8RAmlBAJ0Y3xlMUc+sN7BpmeV7BwTKoo2NlQCgwvmS
KgNlN6VnD2KlD9Crz16Cyng=
=e4bH
-----END PGP SIGNATURE-----

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Deny Access To configuration file using php scripts, Anton Titov
Next by Date:  RE: A question about passwords and login/authentication, Scott Fagg
Previous by Thread:  Deny Access To configuration file using php scripts, raT
Next by Thread:  Re: A question about passwords and login/authentication, Zero Burnout
Indexes:  [Date] [Thread] [Top] [All Lists]