f



/etc/security/passwd

How does one decipher the password = values.


0
jd9221 (49)
6/25/2004 11:13:33 AM
comp.unix.aix 10963 articles. 1 followers. drkirkby (98) is leader. Post Follow

13 Replies
6207 Views

Similar Articles

[PageSpeed] 33

jd wrote:

> How does one decipher the password = values.

You're gonna need more than this to get our help script kiddie.

0
sjm_news (320)
6/25/2004 11:29:44 AM
Right. I see you're of no value to me.

....why even bother replying?
"Simon Marchese" <sjm_news@yahoo.co.uk> wrote in message
news:cbh2b8$56t$3@titan.btinternet.com...
> jd wrote:
>
> > How does one decipher the password = values.
>
> You're gonna need more than this to get our help script kiddie.
>


0
jd9221 (49)
6/25/2004 11:46:32 AM
>> "Simon Marchese" <sjm_news@yahoo.co.uk> wrote in message
> >news:cbh2b8$56t$3@titan.btinternet.com...
> > jd wrote:
> >
> > > How does one decipher the password = values.
> >
> > You're gonna need more than this to get our help script kiddie.
> >
"jp" <jd@nospam.com> schrieb im Newsbeitrag
news:sgUCc.63902$sj4.29536@news-server.bigpond.net.au...
>
> Right. I see you're of no value to me.
>
> ...why even bother replying?
>

http://www.catb.org/~esr/faqs/smart-questions.html#asking


0
b79xan (403)
6/25/2004 12:03:22 PM
Here we go.  Yet another one who is prepared to waste their time on this
planet.

Every single point on that FAQ applies to you to. It's your choice to reply.
If the question it so trivial for you; ignore it. Perhaps at a later date
read the replies for some humour.  This is supposed to be a Help Forum. It
fails me as to already I have two responses that are detrimental to my
problem.  I have no doubt that more will follow. Sheep.

As you can tell I'm not familiar with AIX or any UNIX system. I have been
dumped with this problem and has come here for guidance from others who may
have it in their hearts to help without prejudice. I have searched and found
certain tools ftp.cert.org/pub/tools/crack. Yet I have little knowledge on
how to use them.

Simon and Andreas I hope you both sleep well tonight.
Forget I ever asked.


"Andreas Schulze" <b79xan@gmx.de> wrote in message
news:cbh2la$14h2@news-1.bank.dresdner.net...
> >> "Simon Marchese" <sjm_news@yahoo.co.uk> wrote in message
> > >news:cbh2b8$56t$3@titan.btinternet.com...
> > > jd wrote:
> > >
> > > > How does one decipher the password = values.
> > >
> > > You're gonna need more than this to get our help script kiddie.
> > >
> "jp" <jd@nospam.com> schrieb im Newsbeitrag
> news:sgUCc.63902$sj4.29536@news-server.bigpond.net.au...
> >
> > Right. I see you're of no value to me.
> >
> > ...why even bother replying?
> >
>
> http://www.catb.org/~esr/faqs/smart-questions.html#asking
>
>


0
jd9221 (49)
6/25/2004 12:29:14 PM
please provide more details...

jd wrote:

> How does one decipher the password = values.
> 
> 

0
jim_85cj (22)
6/25/2004 12:50:49 PM
In article <uUUCc.63930$sj4.19136@news-server.bigpond.net.au>, jd wrote:
> Here we go.  Yet another one who is prepared to waste their time on this
> planet.
> 
> Every single point on that FAQ applies to you to. It's your choice to reply.
> If the question it so trivial for you; ignore it. Perhaps at a later date
> read the replies for some humour.  This is supposed to be a Help Forum. It
> fails me as to already I have two responses that are detrimental to my
> problem.  I have no doubt that more will follow. Sheep.
> 
> As you can tell I'm not familiar with AIX or any UNIX system. I have been
> dumped with this problem and has come here for guidance from others who may
> have it in their hearts to help without prejudice. I have searched and found
> certain tools ftp.cert.org/pub/tools/crack. Yet I have little knowledge on
> how to use them.
> 
> Simon and Andreas I hope you both sleep well tonight.
> Forget I ever asked.
> 
> 
> "Andreas Schulze" <b79xan@gmx.de> wrote in message
> news:cbh2la$14h2@news-1.bank.dresdner.net...
>> >> "Simon Marchese" <sjm_news@yahoo.co.uk> wrote in message
>> > >news:cbh2b8$56t$3@titan.btinternet.com...
>> > > jd wrote:
>> > >
>> > > > How does one decipher the password = values.
>> > >
>> > > You're gonna need more than this to get our help script kiddie.
>> > >
>> "jp" <jd@nospam.com> schrieb im Newsbeitrag
>> news:sgUCc.63902$sj4.29536@news-server.bigpond.net.au...
>> >
>> > Right. I see you're of no value to me.
>> >
>> > ...why even bother replying?
>> >
>>
>> http://www.catb.org/~esr/faqs/smart-questions.html#asking
>>
>>
> 
> 

Knowing that you are not familiar with unix systems helps and
is not a part of your original posting. On unix-like systems
the primary encryption function, and is used to encrypt passwords,
is the crypt(3) function. The (3) refers the original AT&T chapter
number. Chapter 3 are user-level, or non-kernel, functions. This
means functions that do not interact with the kernel. Examples of
kernel-level functions are functions that require I/O, memory
allocation, and similiar functions.

Back to the crypt(3) function. This function generates a one-way
hash of the input to the function. As a one-way hash there is
no way to decrypt the encrypted data. A brute force method of
determining the password is to encrypt all possible combinations
of letters, numbers, and symbols until you find an encrpyted
match. Once you have an encrypted value that matches, then you
know the unencrypted password.

Mike
0
mikee (687)
6/25/2004 12:53:10 PM
Jim,

I have this file that looks something like this:

hjones:
 password = t0X8gm1/sEFPw
 lastupdate = 829892641
 flags =

slekat:
 password = VJe/2hFJUpR52
 lastupdate = 829115731
 flags = ADMCHG

cleezar:
 password = SA/x1WZhpDcy.
 lastupdate = 985736972
 flags =

etc...

I have the corresponding passwd file  /etc/passwd. I have been asked to find
a particular users password so they can monitor their email account from an
existing windows machines .( Currently they are opening the mailbox on the
AIX which works fine, they want more) They Use AIX 4.3.0

Best wished
JD.




"Jim85CJ" <jim_85cj@NOSPAMyahoo.com> wrote in message
news:JcVCc.25802$Y3.11995@newsread2.news.atl.earthlink.net...
> please provide more details...
>
> jd wrote:
>
> > How does one decipher the password = values.
> >
> >
>


0
jd9221 (49)
6/25/2004 1:02:41 PM
Brute Force. That would involve the 'crack' program.

Thank you for your informative reply Mike,
Best Wishes,
JD

"Mike" <mikee@mikee.ath.cx> wrote in message
news:10do81mefk8gn4e@corp.supernews.com...
> In article <uUUCc.63930$sj4.19136@news-server.bigpond.net.au>, jd wrote:
> > Here we go.  Yet another one who is prepared to waste their time on this
> > planet.
> >
> > Every single point on that FAQ applies to you to. It's your choice to
reply.
> > If the question it so trivial for you; ignore it. Perhaps at a later
date
> > read the replies for some humour.  This is supposed to be a Help Forum.
It
> > fails me as to already I have two responses that are detrimental to my
> > problem.  I have no doubt that more will follow. Sheep.
> >
> > As you can tell I'm not familiar with AIX or any UNIX system. I have
been
> > dumped with this problem and has come here for guidance from others who
may
> > have it in their hearts to help without prejudice. I have searched and
found
> > certain tools ftp.cert.org/pub/tools/crack. Yet I have little knowledge
on
> > how to use them.
> >
> > Simon and Andreas I hope you both sleep well tonight.
> > Forget I ever asked.
> >
> >
> > "Andreas Schulze" <b79xan@gmx.de> wrote in message
> > news:cbh2la$14h2@news-1.bank.dresdner.net...
> >> >> "Simon Marchese" <sjm_news@yahoo.co.uk> wrote in message
> >> > >news:cbh2b8$56t$3@titan.btinternet.com...
> >> > > jd wrote:
> >> > >
> >> > > > How does one decipher the password = values.
> >> > >
> >> > > You're gonna need more than this to get our help script kiddie.
> >> > >
> >> "jp" <jd@nospam.com> schrieb im Newsbeitrag
> >> news:sgUCc.63902$sj4.29536@news-server.bigpond.net.au...
> >> >
> >> > Right. I see you're of no value to me.
> >> >
> >> > ...why even bother replying?
> >> >
> >>
> >> http://www.catb.org/~esr/faqs/smart-questions.html#asking
> >>
> >>
> >
> >
>
> Knowing that you are not familiar with unix systems helps and
> is not a part of your original posting. On unix-like systems
> the primary encryption function, and is used to encrypt passwords,
> is the crypt(3) function. The (3) refers the original AT&T chapter
> number. Chapter 3 are user-level, or non-kernel, functions. This
> means functions that do not interact with the kernel. Examples of
> kernel-level functions are functions that require I/O, memory
> allocation, and similiar functions.
>
> Back to the crypt(3) function. This function generates a one-way
> hash of the input to the function. As a one-way hash there is
> no way to decrypt the encrypted data. A brute force method of
> determining the password is to encrypt all possible combinations
> of letters, numbers, and symbols until you find an encrpyted
> match. Once you have an encrypted value that matches, then you
> know the unencrypted password.
>
> Mike


0
jd9221 (49)
6/25/2004 1:03:54 PM
In article <RnVCc.63959$sj4.62995@news-server.bigpond.net.au>, jd wrote:
> Jim,
> 
> I have this file that looks something like this:
> 
> hjones:
>  password = t0X8gm1/sEFPw
>  lastupdate = 829892641
>  flags =
> 
> slekat:
>  password = VJe/2hFJUpR52
>  lastupdate = 829115731
>  flags = ADMCHG
> 
> cleezar:
>  password = SA/x1WZhpDcy.
>  lastupdate = 985736972
>  flags =
> 
> etc...
> 
> I have the corresponding passwd file  /etc/passwd. I have been asked to find
> a particular users password so they can monitor their email account from an
> existing windows machines .( Currently they are opening the mailbox on the
> AIX which works fine, they want more) They Use AIX 4.3.0
> 
> Best wished
> JD.
> 
> 
> 
> 
> "Jim85CJ" <jim_85cj@NOSPAMyahoo.com> wrote in message
> news:JcVCc.25802$Y3.11995@newsread2.news.atl.earthlink.net...
>> please provide more details...
>>
>> jd wrote:
>>
>> > How does one decipher the password = values.
>> >
>> >
>>
> 
> 

What kind of monitoring? Simply there is new mail or
actually retrieving the mail?  Most windows email clients
(outlook, outlook express) have facilities where the user
can enter their password at setup time and the client
there after uses that password to check and monitor email.

Mike
0
mikee (687)
6/25/2004 1:19:59 PM
If the person is already checking their mailbox on an AIX box then don't 
they already know their password?  UNIX password encryption was not 
meant to be easy to decrypt for very obvious reasons.

Anne

jd wrote:

>Jim,
>
>I have this file that looks something like this:
>
>hjones:
> password = t0X8gm1/sEFPw
> lastupdate = 829892641
> flags =
>
>slekat:
> password = VJe/2hFJUpR52
> lastupdate = 829115731
> flags = ADMCHG
>
>cleezar:
> password = SA/x1WZhpDcy.
> lastupdate = 985736972
> flags =
>
>etc...
>
>I have the corresponding passwd file  /etc/passwd. I have been asked to find
>a particular users password so they can monitor their email account from an
>existing windows machines .( Currently they are opening the mailbox on the
>AIX which works fine, they want more) They Use AIX 4.3.0
>
>Best wished
>JD.
>
>
>
>
>"Jim85CJ" <jim_85cj@NOSPAMyahoo.com> wrote in message
>news:JcVCc.25802$Y3.11995@newsread2.news.atl.earthlink.net...
>  
>
>>please provide more details...
>>
>>jd wrote:
>>
>>    
>>
>>>How does one decipher the password = values.
>>>
>>>
>>>      
>>>
>
>
>  
>

0
6/25/2004 4:09:13 PM
From the AIX logged in as root they can click the persons mailbox file and
view their mail. Now they want to keep records of it on a windows machine.
i.e. via POP.

"Anne Tuchscherer" <anntuchscherer@comcast.net> wrote in message
news:22aa9ec10bb0b4c15cc49048eb7169c1@news.teranews.com...
> If the person is already checking their mailbox on an AIX box then don't
> they already know their password?  UNIX password encryption was not
> meant to be easy to decrypt for very obvious reasons.
>
> Anne
>
> jd wrote:
>
> >Jim,
> >
> >I have this file that looks something like this:
> >
> >hjones:
> > password = t0X8gm1/sEFPw
> > lastupdate = 829892641
> > flags =
> >
> >slekat:
> > password = VJe/2hFJUpR52
> > lastupdate = 829115731
> > flags = ADMCHG
> >
> >cleezar:
> > password = SA/x1WZhpDcy.
> > lastupdate = 985736972
> > flags =
> >
> >etc...
> >
> >I have the corresponding passwd file  /etc/passwd. I have been asked to
find
> >a particular users password so they can monitor their email account from
an
> >existing windows machines .( Currently they are opening the mailbox on
the
> >AIX which works fine, they want more) They Use AIX 4.3.0
> >
> >Best wished
> >JD.
> >
> >
> >
> >
> >"Jim85CJ" <jim_85cj@NOSPAMyahoo.com> wrote in message
> >news:JcVCc.25802$Y3.11995@newsread2.news.atl.earthlink.net...
> >
> >
> >>please provide more details...
> >>
> >>jd wrote:
> >>
> >>
> >>
> >>>How does one decipher the password = values.
> >>>
> >>>
> >>>
> >>>
> >
> >
> >
> >
>


0
jd9221 (49)
6/26/2004 3:06:15 PM
They have set up a outlook client to poll the users mailbox and retrieve all
message on there every 2 minutes.  (obviously leaving them on there as to
not attract attention to the account in question). To do this they need the
user's POP password - hence their AIX password.

"Mike" <mikee@mikee.ath.cx> wrote in message
news:10do9jvp48oesed@corp.supernews.com...
> In article <RnVCc.63959$sj4.62995@news-server.bigpond.net.au>, jd wrote:
> > Jim,
> >
> > I have this file that looks something like this:
> >
> > hjones:
> >  password = t0X8gm1/sEFPw
> >  lastupdate = 829892641
> >  flags =
> >
> > slekat:
> >  password = VJe/2hFJUpR52
> >  lastupdate = 829115731
> >  flags = ADMCHG
> >
> > cleezar:
> >  password = SA/x1WZhpDcy.
> >  lastupdate = 985736972
> >  flags =
> >
> > etc...
> >
> > I have the corresponding passwd file  /etc/passwd. I have been asked to
find
> > a particular users password so they can monitor their email account from
an
> > existing windows machines .( Currently they are opening the mailbox on
the
> > AIX which works fine, they want more) They Use AIX 4.3.0
> >
> > Best wished
> > JD.
> >
> >
> >
> >
> > "Jim85CJ" <jim_85cj@NOSPAMyahoo.com> wrote in message
> > news:JcVCc.25802$Y3.11995@newsread2.news.atl.earthlink.net...
> >> please provide more details...
> >>
> >> jd wrote:
> >>
> >> > How does one decipher the password = values.
> >> >
> >> >
> >>
> >
> >
>
> What kind of monitoring? Simply there is new mail or
> actually retrieving the mail?  Most windows email clients
> (outlook, outlook express) have facilities where the user
> can enter their password at setup time and the client
> there after uses that password to check and monitor email.
>
> Mike


0
jd9221 (49)
6/26/2004 3:08:01 PM
In article <ljgDc.65424$sj4.37487@news-server.bigpond.net.au>, jd wrote:
> They have set up a outlook client to poll the users mailbox and retrieve all
> message on there every 2 minutes.  (obviously leaving them on there as to
> not attract attention to the account in question). To do this they need the
> user's POP password - hence their AIX password.
> 
> "Mike" <mikee@mikee.ath.cx> wrote in message
> news:10do9jvp48oesed@corp.supernews.com...
>> In article <RnVCc.63959$sj4.62995@news-server.bigpond.net.au>, jd wrote:
>> > Jim,
>> >
>> > I have this file that looks something like this:
>> >
>> > hjones:
>> >  password = t0X8gm1/sEFPw
>> >  lastupdate = 829892641
>> >  flags =
>> >
>> > slekat:
>> >  password = VJe/2hFJUpR52
>> >  lastupdate = 829115731
>> >  flags = ADMCHG
>> >
>> > cleezar:
>> >  password = SA/x1WZhpDcy.
>> >  lastupdate = 985736972
>> >  flags =
>> >
>> > etc...
>> >
>> > I have the corresponding passwd file  /etc/passwd. I have been asked to
> find
>> > a particular users password so they can monitor their email account from
> an
>> > existing windows machines .( Currently they are opening the mailbox on
> the
>> > AIX which works fine, they want more) They Use AIX 4.3.0
>> >
>> > Best wished
>> > JD.
>> >
>> >
>> >
>> >
>> > "Jim85CJ" <jim_85cj@NOSPAMyahoo.com> wrote in message
>> > news:JcVCc.25802$Y3.11995@newsread2.news.atl.earthlink.net...
>> >> please provide more details...
>> >>
>> >> jd wrote:
>> >>
>> >> > How does one decipher the password = values.
>> >> >
>> >> >
>> >>
>> >
>> >
>>
>> What kind of monitoring? Simply there is new mail or
>> actually retrieving the mail?  Most windows email clients
>> (outlook, outlook express) have facilities where the user
>> can enter their password at setup time and the client
>> there after uses that password to check and monitor email.
>>
>> Mike
> 
> 

Sounds like this person wants to monitor the email of another person.
Since you have root access to the box, create another account having
the same userid (the number in /etc/passwd). Use the new account to
monitor the email. Make sure the duplicate account is lower in
/etc/passwd than the original account.

This is a security question and not a /etc/passwd question.
0
mikee (687)
6/26/2004 4:03:51 PM
Reply:

Similar Artilces:

AIX LDAP /etc/passwd netgroups
Has anyone successfully used an openldap server with AIX? I can get a user to authenticate, and I can get the user and group maps to work, but I can't get netgroups to work. In particular, no matter what I put in /etc/passwd, I can't get AIX to even query the LDAP server for netgroups. I _can_ get netgroup data using getnetgrent(). -Rick In article <cbsetf$1m4$1@news01.cit.cornell.edu>, Rick <nospam@nospam.com> wrote: > Has anyone successfully used an openldap server with AIX? > > I can get a user to authenticate, and I can get the user and group maps to > work, > but I can't get netgroups to work. > > In particular, no matter what I put in /etc/passwd, I can't get AIX to even > query the LDAP server for netgroups. > > I _can_ get netgroup data using getnetgrent(). > > -Rick Hi Rick, I have been trying to build openldap under AIX 5.2 with little success. What version of openldap are you using and which aix? Thanks Mike Klein wrote: > Hi Rick, I have been trying to build openldap under AIX 5.2 with little > success. What version of openldap are you using and which aix? Sorry. Can't be of much help here. We're running The Written Word version of openldap 2.1.27 under Solaris as our server. You might try the openldap RPM in the AIX Toolbox for Linux Applications at http://www-1.ibm.com/servers/aix/products/aixos/linux/. They have 2.0.21. They are rather disappointingly be...

Password Security and /etc/default/passwd
A couple of questions regarding pam_authtok_check and friends. 1) What does the NAMECHECK variable in /etc/default/passwd actually do? The documentation in the passwd(1) simply repeats the same text found in /etc/default/passwd, which simply says "do login name checking". What kind of checking is that then? 2) Where is the password history to deal with variables such as MAXREPEATS kept? Are just the hashes stored? If so, do I break this if I change crypt algorithms? 3) If just the hashes are stored, how does MINDIFF work? As always, I'm looking for actual answ...

/etc/security/passwd flags corruption ?
What can cause corruption of the "flags" fields in /etc/security/ passwd ? Here is an example: (Weird characters did not paste) Line 2045: "flags =3D =F6" Line 2415: "flags =3D )=B0" Most of the servers where we are having this corruption are AIX 5.2 Thanks, --Ben On Nov 24, 4:45 am, Benoit Lefebvre <benoit.lefeb...@gmail.com> wrote: > What can cause corruption of the "flags" fields in /etc/security/ > passwd ? > > Here is an example: (Weird characters did not paste) > Line 2045: "flags =3D =F6" > Line 2415: "flags =3D )=B0" > > Most of the servers where we are having this corruption are AIX 5.2 > > Thanks, > --Ben weird; anyone manually updating the file ? what ML are you on ? what LANG setting are you using ? On Nov 25, 5:10 pm, Henry <snogfest_hosebe...@yahoo.com> wrote: > On Nov 24, 4:45 am, Benoit Lefebvre <benoit.lefeb...@gmail.com> wrote: > > > What can cause corruption of the "flags" fields in /etc/security/ > > passwd ? > > > Here is an example: (Weird characters did not paste) > > Line 2045: "flags =3D =F6" > > Line 2415: "flags =3D )=B0" > > > Most of the servers where we are having this corruption are AIX 5.2 > > > Thanks, > > --Ben > > weird; anyone manually updating the file ? > what ML are you on ? > what LANG setting are you using ? ml: 5...

Question on Migration of /etc/passwd and Security
Hello: Just wondering if wanted to migrate users from one host A to B, can I do the following: Append the /etc/passwd to /etc/passwd of host B? What if i throw Shadowed passwd to it? will that work as well (given that above given scenario will work)? Being new to HP-UX I was thinking about if that's possible. If it works that' really bad from sec. perspective I guess, because that means the encryption does'nt follow the mathematical theory of encryption being toatally random. Appreciate your comments. Vince Hi Vince > Just wondering if wanted to migrate users from one ...

/etc/security/user file in AIX
I was reviewing the /etc/security/user file in a few AIX machines. I noticed that the file contains default: and each user id. Somehow, I also noticed that the settings were different in the default and other user ids. Under this situation, which settings are working? The settings in default: or in a specific user id? For example: In the default: maxage = 0 minlen =6 but in an user id: maxage = 4 minlen = 8 which will work? I believe the settings specific to each user take precedence over the default settings. If you were to create a new user, the default settings ...

/etc/passwd on aix 4.3.3.11
hello , i'm working on aix 4.3.3.11 S80 machine . my /etc/passwd have 17000 lines. how can i organize my /etc/passwd that my users can login faster ? any one tyr this befor ? thans ariec <arieco@clalit.org.il> schrieb im Newsbeitrag news:1109072190.357632.180490@z14g2000cwz.googlegroups.com... > hello , > > i'm working on aix 4.3.3.11 S80 machine . > > my /etc/passwd have 17000 lines. > > how can i organize my /etc/passwd that my users can login faster ? > > any one tyr this befor ? > > thans > > ariec > Hallo ariec, you can index the /etc/passwd by running the mkpasswd -c command. IBM promises "[...] significantly enhances performance for large user base systems [...]". Check the mkpasswd manpage for details. HTH, andreas ...

Difference between HP Unix and Unix AIX
What are the difference between HP Unix and HP AIX at command line ??? Is there any ? dlprogress wrote: > What are the difference between HP Unix and HP AIX at command line ??? > Is there any ? > > Unless you're getting into system dependent stuff, no, there's no real difference. However, one real difference is that AIX is an IBM and not an HP product. -- Fletcher Glenn ...

AIX 5.2 ML01: rss , rss_hard and stack , stack_hard in /etc/security/limits
I have read IBM documentation on rss , rss_hard and stack stack_hard but unable to understand it. If value of rss = 65536 rss_hard = 65536 stack = 32767 stack_hard = 32767 data = 491519 data_hard = 491519 for user vkgtry1 % ulimit -Ha time(seconds) unlimited file(blocks) unlimited data(kbytes) 245760 stack(kbytes) 16384 memory(kbytes) 32768 coredump(blocks) 1000 nofiles(descriptors) 2500 Then what would be memory location / use effect of program / processed used by user vkgtry1 under AIX 5.2 ML01? Thanks, VKG Vikrant wrote: > I have read IBM documentation on rss , rss_hard and stack stack_hard > but unable to understand it. > > If value of rss = 65536 > rss_hard = 65536 > stack = 32767 > stack_hard = 32767 > data = 491519 > data_hard = 491519 > > for user vkgtry1 > > % ulimit -Ha > time(seconds) unlimited > file(blocks) unlimited > data(kbytes) 245760 > stack(kbytes) 16384 > memory(kbytes) 32768 > coredump(blocks) 1000 > nofiles(descriptors) 2500 > > Then what would be memory location / use effect of program / processed > used by user vkgtry1 under AIX 5.2 ML01? > > Thanks, > VKG ...

user authentication via /etc/passwd|/etc/shadow
Hi, I want to write a program where I authenticate users via the standard unix system accounts. I didn't find a module providing this functionality. Is there such a module available? If not, how can I achieve this? Marco -- Marco Herrn herrn@gmx.net (GnuPG/PGP-signed and crypted mail preferred) Key ID: 0x94620736 Marco Herrn wrote: > I want to write a program where I authenticate users via the standard > unix system accounts. I didn't find a module providing this > functionality. Is there such a module available? If not, how can I > achieve this? You need...

How secure is the security from my security form?
Hey, I have a question about how secure the following will be.... I want to have a login form that posts to itself, so when it loads it checks if there is a username and password on the query list. If there is not, it asks for one. If there is, it checks to see if the information is valid. If it is not valid, it deletes the attributes and calls itself again. If it is valid it sets a particular session variable to be some value and redirects to the next page. Every page from there on in will check to see if the session variable is set and if not will redirect back to the login page. Are ...

how secure is the security from my security form?
Hey, I have a question about how secure the following will be.... I want to have a login form that posts to itself, so when it loads it checks if there is a username and password on the query list. If there is not, it asks for one. If there is, it checks to see if the information is valid. If it is not valid, it deletes the attributes and calls itself again. If it is valid it sets a particular session variable to be some value and redirects to the next page. Every page from there on in will check to see if the session variable is set and if not will redirect back to the login page. Are there any security risks/holes that I should know about? Thanks in advance, Aaron PS I do have access to Tomcat, but have been unable to figure out how to set it up (this is my first time setting up security for a site) - so if anyone has any tips/links that information would be most appreciated. Thanks again. ...

Unix AIX
What is the best way to clear semaphores and shared memory, sometimes we run those ipcs and ipcrm commands but some of them do not go away and the server hangs, i would apprecaite a list of commands for unix aix, we are on version 6.1 Thanks!! SAPUNIX wrote: > What is the best way to clear semaphores and shared memory, sometimes > we run those ipcs and ipcrm commands but some of them do not go away > and the server hangs those who do not go away, are they really not in use anymore? In comp.unix.aix, Sven Mascheck <mascheck@email.invalid> wrote: >SAPUNIX wrote: >> What is the best way to clear semaphores and shared memory, sometimes >> we run those ipcs and ipcrm commands but some of them do not go away >> and the server hangs > >those who do not go away, are they really not in use anymore? My experience is if they don't go away from properly formatted ipcs / ipcrm commands, it's because they're tied to processes which are hung waiting on kernel threads (and basically, defunct). In which case you need to kill the owning process (which is already dead, and which probably won't respond to a kill -9 since it's stuck in a kernel thread) or reboot the box. SAP is the worst offender in this regard IME. It's the only app I've ever known people have to constantly clear down shared memory / semaphores for when it doesn't shut down cleanly. -- Tony Evans Saving trees and wasting electrons since 1993 blog...

AIX security
Hi, I would like to harden some of our AIX boxes. What are all I need to do for this. And here we use "rexec" for executing some of the programs. How can we avoid this. Is there any alternate secure way for this. Please suggest me. Best Regards Siva. haisiva@yahoo.com (Krishna) writes: > Hi, > > I would like to harden some of our AIX boxes. What are all I need to > do for this. > > And here we use "rexec" for executing some of the programs. How can we > avoid this. Is there any alternate secure way for this. SSH is something you should start be...

/etc/passwd
Can someone tell me how the last field in a record of the /etc/passwd text file can be executable? I've noticed that the parent pid of my login shell is 1, the init process. Is the init process merely reading this field and executing it? Thanks nick <cupofjava1961@aol.com> writes: > I've noticed that the parent pid of my login shell is 1, the init > process. When the parent process of a process goes away, the parent pid is set to 1. How do you login to your login shell and on which OS? -- Thorbj�rn Ravn Andersen I login to slackware using ksh.new (the new Korn shel...

"Real Name" in /etc/passwd contains +, _ etc
In the passwd file on the server I am using, some names have odd characters in them, e.g. Fred+ Flinstone I was curious as to whether anyone know if this was intentional, an error on the sysadmin's part, etc. Cheers! Mitch. Mitch <spudtheimpaler@hotORgooMAIL.invalid> writes: > In the passwd file on the server I am using, some names have odd > characters in them, e.g. Fred+ Flinstone 1) Some systems (like Sun's YP/nis database) use the + to indicate a reference to a remote data label, but as I recall, it's used before an '@' and followed by a label name....

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304157603)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304157603) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexibl...

Editing /etc/passwd and /etc/shadow doesn't reset password. Why?
Ok. I'm very close to getting into the box now, but one thing stands in my way. (I put up a linux box, dd'ed the drive to another one to play with, restamped it with the geometry (edvtoc -p) and got it fsck'ed and mounted) Then I edited out the encrypted password field in /etc/shadow. Figured this would reset it, but no dice. Still can't get in. (either hitting return at the login or space) Also tried editing out the field in /etc/passwd, editing out both, editing out /etc/opasswd and /etc/oshadow I read somewhere that you could chroot the mounted directory, so I did that like this: chroot /mnt /bin/su root *which works* but when I run "passwd" from there, it asks me for the old password, even though I am running as root. I am logged in as root in the shell I mounted the drive in, and I verified it with "id", which told me UID 0(root),GID3(sys). I also tried the following: I have an account on my system I put up to mount the drive, called admin, (my non-root account) It has a password of "password". So I copied that hash from the shadow file into the entry for root, and it still wouldn't let me in. Is there some sort of other user database where the old password is still being stored? CHoaglin wrote: > >Is there some sort of other user database where the old password is still being >stored? > > > /tcb/files/auth/r/root Have a poke about in this area, you should get the idea of how it hangs togethe...

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304732416)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304732416) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexible schedule must be able to work 1st or 2nd shift any day of the week . Self-started no time for OJT. Extra points TCP IP, Oracle, DB2 database admin, complex networks. Please send your current resume in confidence to "Karen Lehman" <klehman@eurosoft-inc.com> ..45304732416. ...

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304132401)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304132401) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexibl...

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304732416)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304732416) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexibl...

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45303583160)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45303583160) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexibl...

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304132401)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304132401) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexible schedule must be able to work 1st or 2nd shift any day of the week . Self-started no time for OJT. Extra points TCP IP, Oracle, DB2 database admin, complex networks. Please send your current resume in confidence to "Karen Lehman" <klehman@eurosoft-inc.com> ..45304132401. ...

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45303832413)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45303832413) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexible schedule must be able to work 1st or 2nd shift any day of the week . Self-started no time for OJT. Extra points TCP IP, Oracle, DB2 database admin, complex networks. Please send your current resume in confidence to "Karen Lehman" <klehman@eurosoft-inc.com> ..45303832413. ...

US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304457606)
US-TX-Austin: Application Developer-AIX, AIX, UNIX; 7M (45304457606) ==================================================================== Position: Application Developer-AIX Reference: MKL00780 Location: Austin TX Duration: 7M Skills: AIX UNIX Scope: Unix AIX preferred system admin skills and experience. Experience configuring all types of servers, storage and networks. Excellent written communication skills must be able to clearly describe a problem and resolution status Flexibl...

Web resources about - /etc/security/passwd - comp.unix.aix

Krebs on Security
The House Financial Services Committee is slated to hold a hearing this Friday on the impact of cyber heists against small- to mid-sized businesses. ...

Security Middle East - Latest news from the Middle East.
Security Middle East is a news portal for the entire security industry, focussed specifically on latest security news from the Middle East. Security ...

Information Security News, IT Security News & Expert Insights: SecurityWeek.Com
IT Security News and Information Security News, Cyber Security, Network Security, Enterprise Security Threats, Cybercrime News and more. Information ...

Committee on National Security Systems - Wikipedia, the free encyclopedia
The National Security Telecommunications and Information Systems Security Committee (NSTISSC) was established under National Security Directive ...

Belgian nuclear guard shot and security access badge stolen, according to media reports
Two days after bomb attacks at Brussels airport and on a packed metro killed 31 people and injured hundreds, a security guard who worked at a ...

Brussels 'march against fear' called off after security concerns
Organisers have cancelled a march in Brussels that was meant to show defiance to last week's bomb attacks, after senior officials urged people ...

Gmail beefs up security through warnings
... of many of their services. The most recent of these to get an upgrade is Gmail, which now has improved in-email link protection.The security ...

Is Apple’s reluctance to implement a bug bounty program a security risk?
... it's Google handing out $12,000 to a former employee who managed to purchase the Google.com domain name or Facebook paying $15,000 to a security ...


Recently patched security flaw bypassed OS X's new defenses
Theoretically, the System Integrity Protection introduced in OS X El Capitan makes it very hard to completely compromise a Mac. The feature prevents ...

Resources last updated: 3/26/2016 11:06:00 PM