> On Feb 4, 2015, at 4:14 PM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote: > > Not exactly - it just becomes a question of whether the complexity > requirements imposed by the installer are really worth much against > the pre-hashed lists that would be used to match up the shadow > contents. Rainbow tables don’t help against salted hashes. Rainbow tables are for attacking *un*salted hashes, like NTLM used. https://crackstation.net/hashing-security.htm When the hashes are properly salted, the only option is brute force. All having /etc/shadow does for you is let you make billions of guesses per second instead of 5 guesses per minute, as you get with proper throttling on remote login avenues. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Another Fedora decision
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Another Fedora decision
- From: Warren Young <wyml@xxxxxxxxxxx>
- Date: Wed, 4 Feb 2015 16:36:59 -0700
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <CAOAgVpwHGpnHMCV=Kn1U698Bj4oUKrX3JhWU+MB5pcAN=xEPUg@mail.gmail.com>
- Follow-Ups:
- Re: Another Fedora decision
- From: Kahlil Hodgson
- Re: Another Fedora decision
- References:
- Re: Another Fedora decision
- From: Lamar Owen
- Re: Another Fedora decision
- From: Lamar Owen
- Re: Another Fedora decision
- From: Warren Young
- Re: Another Fedora decision
- From: Lamar Owen
- Re: Another Fedora decision
- From: Warren Young
- Re: Another Fedora decision
- From: Les Mikesell
- Re: Another Fedora decision
- Prev by Date: Re: Another Fedora decision
- Next by Date: Re: Another Fedora decision
- Previous by thread: Re: Another Fedora decision
- Next by thread: Re: Another Fedora decision
- Index(es):
 |