Re: [ADMIN]Firewalls....

From: Ron Hensley (
Date: 09/19/96

> and UNIX passwords are _IMPOSSIBLE_ to crack. (I know, you have heard the same
> bullshit I have about someone claiming they can crack them)i. A person would
> have a greater chance guessing a passwd than cracking it. (not the same BTW)

You HAVE to be joking. Ever heard of the program Crack, freely available
anywhere on the internet? Take your /etc/passwd file and run it under
crack one time my friend. Wher eI work we have 3000 users. Dude, it broke 
300 passwords. Weve sinced moved to shadow passwords, and randomly chosen
garbage passwords, but still.

Uncrakable? I think not.

> Of course, if some asshole uses a password that is in any language dictionary,
> you can't do anything about that. I require 8 char passwd's with at least
> 2 numbers, 2 upper case letters, and one shift key (excliuding & % @). I then
> run a 4 hr dic-o-cracker(simply runs through dictionaries and nickname files
> trying to guess the passwd)

> I would say you have nothing to worry about.

As long as the mud code has no backdoors put into it by a malicious coder
you hire, and that you dont start the mud in /etc/rc.local where it starts
as root, thus giving any backdoor root acces to your whole computers files

Nothing is totally secure and nothing to worry about. However, yes Circle
is good code, no backdoors in the distributed version.

    *   Ron Hensley                              *
    *   Junior Systems Administrator       *
    *                                   PGP Key at WWW Page           *
    *   DelMarVa OnLine                 749-7898 Ext. 403             *

| Ensure that you have read the CircleMUD Mailing List FAQ: |
|   |

This archive was generated by hypermail 2b30 : 12/18/00 PST