Quiz no 1
Theodoros V. Kalamatianos
thkala at softlab.ece.ntua.gr
Wed Apr 7 20:19:26 EEST 2004
On Wed, 7 Apr 2004, Jimmy Angelakos wrote:
> Exm... de nomizw... den eimai sigouros alla apla CRC32 checksums den
> krataei? Se auth thn periprwsh den uparxei oute robustness oute tipota apo
> tis fantasiwseis sou :>
Vasika sta sxetika palia systhmata eixan ena DES derived hash gia kathe
password, i.e. ena kleidi twn 56 bit. Auto safws kai spaei sxetika eukola
pleon, akoma kai me aplous algorithmous pou dokimazoun olo to keyspace me
th seira. Den kserw omws an to "eukola" isxyei kai gia to PC tou spitiou
sou, afou den to exw dokimasei pote :-)
Sta pio nea systhmata (p.x. linux distributions apo 2000 kai meta)
xrhsimopoioun ena MD5 hash twn 128bit. Auto einai sxetika dyskolo na
spasei. An ta passwords htan pragmatika tyxaia tote oi pithanothtes kai h
diarkeia ths anthrwpinhs zwhs einai mallon enantion sou. Wstoso edw o
adynamos krikos einai o anthrwpos, gi'auto kai oi kryptografikes
epitheseis me xrhsh leksikwn einai olo kai pio syxnes.
Synhthws arkei ena aplo user account gia na ginei h zhmia (as einai kala
ta diafora local root exploits), kai olo kai kapoios tha exei valei ws
password to onoma ths gatas tou... Kai fysika oso perissoterous xrhstes
exeis toso auksanetai h apotelesmatikothta twn spasthriwn sta passwd
files, afou ola ta passwords elegxontai parallhla.
Pantws exw tis amfivolies mou an aksizei na katsei kaneis na spasei
passwd files. Peran tou oti an einai se thesh na ta diavasei synithws
einai hdh root ( :-D ), nomizw oti einai poly xronovora kai
anapotelesmatikh diadikasia, opote einai h teleutaia epilogh. Synhthws
kapios pou exei valei sto mati ena systhma tha exei vrei kapoio exploit
se kapoio service poly prin arxisei na asxoleitai me password files.
More information about the Linux-greek-users
mailing list