Hello Craig, On Mon, 2012-01-02 at 01:04 -0700, Craig White wrote: > Very often, a single user with a > weak password has his account cracked and then a hacker can get a copy > of /etc/shadow and brute force the root password. This is incorrect. The whole reasoning behind /etc/shadow is to hide the actual hashes from normal system users. /etc/shadow is chown root.root and chmod 0400. Without root access /etc/shadow is not accessible. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: an actual hacked machine, in a preserved state
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: an actual hacked machine, in a preserved state
- From: Leonard den Ottolander <leonard@xxxxxxxxxxxxxxxxx>
- Date: Tue, 03 Jan 2012 10:08:40 +0100
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <1325491442.15408.252.camel@lin-workstation.azapple.com>
- Follow-Ups:
- Re: an actual hacked machine, in a preserved state
- From: Rudi Ahlers
- Re: an actual hacked machine, in a preserved state
- References:
- an actual hacked machine, in a preserved state
- From: Bennett Haselton
- Re: an actual hacked machine, in a preserved state
- From: Craig White
- an actual hacked machine, in a preserved state
- Prev by Date: Re: an actual hacked machine, in a preserved state
- Next by Date: Re: an actual hacked machine, in a preserved state
- Previous by thread: Re: an actual hacked machine, in a preserved state
- Next by thread: Re: an actual hacked machine, in a preserved state
- Index(es):
 |