> and UNIX passwords are _IMPOSSIBLE_ to crack. (I know, you have heard the same > bullshit I have about someone claiming they can crack them)i. A person would > have a greater chance guessing a passwd than cracking it. (not the same BTW) You HAVE to be joking. Ever heard of the program Crack, freely available anywhere on the internet? Take your /etc/passwd file and run it under crack one time my friend. Wher eI work we have 3000 users. Dude, it broke 300 passwords. Weve sinced moved to shadow passwords, and randomly chosen garbage passwords, but still. Uncrakable? I think not. > Of course, if some asshole uses a password that is in any language dictionary, > you can't do anything about that. I require 8 char passwd's with at least > 2 numbers, 2 upper case letters, and one shift key (excliuding & % @). I then > run a 4 hr dic-o-cracker(simply runs through dictionaries and nickname files > trying to guess the passwd) > I would say you have nothing to worry about. As long as the mud code has no backdoors put into it by a malicious coder you hire, and that you dont start the mud in /etc/rc.local where it starts as root, thus giving any backdoor root acces to your whole computers files ........ Nothing is totally secure and nothing to worry about. However, yes Circle is good code, no backdoors in the distributed version. ******************************************************************* * Ron Hensley ron@dmv.com * * Junior Systems Administrator http://www.dmv.com/~ron * * PGP Key at WWW Page * * DelMarVa OnLine 749-7898 Ext. 403 * ******************************************************************* +-----------------------------------------------------------+ | Ensure that you have read the CircleMUD Mailing List FAQ: | | http://cspo.queensu.ca/~fletcher/Circle/list_faq.html | +-----------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/18/00 PST