Re: Security problem in pam_unix?

(The original message was sent to just me, but since this is the second "there's no
point in worrying about it" message I thought I'd save myself the trouble of sending
it out twice.  Really, I'm getting very worried; I went through all this about ten
years ago and now I'm having to go through it again.)


Helge Bahmann wrote:

> [Explanation of how to extract someone's password while they log in]

Yes, I know that, but there are some serious and important differences.  There are any
number of ways in which you can extract someone's password while they are actually
logging in.  There are even a good number of ways that you can extract passwords by
hijacking the login program one way or another.  Replacing the login program was a
favourite way of extracting passwords from people under Unix Edition 7 ...

Storing the password in /var/log/messages falls into a completely different category.

Consider this as an example.  When you back your system up at night, what do you do
with the backup tapes?  Most people leave their tapes in a convenient place.  My
convenient place is on the desk.  Server backup tapes go into the "cottage" after
they've been sat on a desk for a day or so.  Getting hold of backup tapes is not
difficult and, since log files are modified frequently, they'll be backed up every
day.  So, I can "borrow" the tape from a colleague's desk after they've gone home and
I can extract the logs and mine them for passwords.  I don't need any special privilege
to do this, just the fact that people don't normally lock up their backup tapes.  It
doesn't matter if I lock up my backup tapes, someone else will leave tapes lying
around.

This is terrible.  We have a kerberos server for secure authentication.  (Well, we
don't, but this isn't entirely fiction.)  This means that I can mine the backups all
I like for copies of authentication databases (password files) and I won't find them,
so I can't do dictionary attacks against those databases.  But what the hell, I don't
need to, all I need to do is get the password from the log files.

Of course, in an ideal world, you wouldn't leave your backup tapes lying around.
People would have different passwords for different machines and purposes -- knowing
my manager's password wouldn't help me read confidential information about my
colleagues.  But people *are* sloppy, they do leave backup tapes lying around, they do
mail syslog summaries to insecure accounts (home, even).

The policy of either storing passwords encrypted with a one-way function or storing
them on a machine that people don't have physical access to is a good one.  Grief, the
Unix one-way function worked really well until computers got so fast that dictionary
attacks became quick and easy, which is why we have shadow password files.  (Well, sometimes
-- we also have NIS...)  One of the really good attacks against an NT domain is to
get the password file, with the passwords in clear, from a machine in the domain.
It's not access to the domain that we're interested in here, it's the passwords.
What else are those passwords good for?  People use the same password for lots of
different things.  If you've got a password, chances are you can now read encrypted
mail; forge and digitally sign mail to make it really authentic; gain access to
machines that you don't normally have access to, like the target's bank account, for
example.

There isn't any defense against all of the possible attacks, but there's no point in
just giving up and not bothering to fix the easy ones.   The point about attacking
static files is this -- they're a lot easier.  This means that there are a lot more
people able to attack those files.   For a given attack, most of the people able to
carry out the attack have the right set of morals to do it.  For an attack that can be
done by a lot of people, you're more likely to find someone immoral enough to do it.

And don't forget what's at stake here.   It's not your workstation.   It's your
manager's password, the same password he or she uses to protect confidential
information about YOU.

jch

P.S.  Read "Secrets & Lies" by Bruce Schneier.  I haven't read "Applied Cryptography"
by the same person, but I have read Dorothy Denning's classic "Cryptography and Data
Protection" which gives a good background.  You might also find Simon Singh's "The
Code Book" interesting, although not that closely related to authentication.
--
John Haxby
OpenMail R&D, Hewlett Packard, Nine Mile Ride, Wokingham, Berks, RG40 3LL, United Kingdom
jch@pwd.hp.com
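Added example, not part of John Haxby's message and not code from pam_unix: a short Python script that contrasts the two ways of mining a borrowed backup tape that the message describes.  One routine greps cleartext passwords out of log lines; the other runs a dictionary attack against one-way-hashed entries in a shadow-style file.  The log lines and their "password=" field, the host and user names, the salts, the passwords and the word list are all constructed for this example (no real PAM module is claimed to write that field), and salted SHA-256 stands in for crypt(3) so that only the standard library is needed.

```python
"""Mining a backup: cleartext in syslog versus one-way hashes in a password file.

Everything below is constructed for the example.  The "password=" field in the
log lines is hypothetical; it models a PAM module writing the attempted password
into /var/log/messages.  The salted SHA-256 is a stand-in for crypt(3).
"""
import hashlib
import re

# Constructed syslog excerpt, as it might be read back from a backup tape.
LOG_LINES = [
    "Mar 12 08:01:17 ws1 login[1402]: pam_unix(login:auth): authentication failure; user=alice password=hunter2",
    "Mar 12 08:01:23 ws1 login[1402]: pam_unix(login:session): session opened for user alice by (uid=0)",
    "Mar 12 08:14:02 ws2 sshd[2210]: pam_unix(sshd:auth): authentication failure; user=bob password=Tr0ub4dor&3",
    "Mar 12 09:30:45 ws2 sshd[2310]: pam_unix(sshd:session): session opened for user bob by (uid=0)",
    "Mar 12 10:02:11 ws1 login[1788]: pam_unix(login:auth): authentication failure; user=carol password=correct horse battery staple",
]

# Hypothetical field layout: "user=<name> password=<rest of line>".
PASSWORD_FIELD = re.compile(r"user=(\S+) password=(.*)$")


def harvest_cleartext(lines):
    """Pull passwords straight out of logged lines.

    No privilege, no cracking, no dependence on password strength: whoever
    holds the tape holds every password that was logged.
    """
    found = {}
    for line in lines:
        match = PASSWORD_FIELD.search(line)
        if match:
            found[match.group(1)] = match.group(2)
    return found


def one_way(salt, password):
    """Salted one-way hash (stand-in for crypt(3)).

    The property that matters is that the file stores only the digest, so
    recovering a password costs one hash computation per guess.
    """
    return hashlib.sha256(f"{salt}${password}".encode()).hexdigest()


# Constructed shadow-style file: user -> (salt, digest).  Same three users as
# in the log excerpt, so the two attacks can be compared directly.
SHADOW_FILE = {
    "alice": ("k9Qz", one_way("k9Qz", "hunter2")),
    "bob": ("Mx2p", one_way("Mx2p", "Tr0ub4dor&3")),
    "carol": ("wL7e", one_way("wL7e", "correct horse battery staple")),
}

# Tiny constructed word list; a real attack would use millions of candidates.
WORDLIST = ["password", "letmein", "hunter2", "qwerty", "123456", "dragon", "trustno1"]


def dictionary_attack(shadow, wordlist):
    """Try every word against every user's salted digest.

    Per-user salts mean the work multiplies by the number of users, and only
    passwords that appear in the word list fall.  Returns (cracked, guesses).
    """
    cracked = {}
    guesses = 0
    for user, (salt, digest) in shadow.items():
        for word in wordlist:
            guesses += 1
            if one_way(salt, word) == digest:
                cracked[user] = word
                break
    return cracked, guesses


if __name__ == "__main__":
    print("from the log:", harvest_cleartext(LOG_LINES))
    cracked, guesses = dictionary_attack(SHADOW_FILE, WORDLIST)
    print(f"from the hashes: {cracked} after {guesses} guesses")
```

Run stand-alone, the log harvest yields all three passwords with no work at all, while the dictionary attack recovers only the one weak password after hashing every candidate for every user; the two strong passwords survive because they are not in the list.  That gap is the whole argument for keeping passwords behind a one-way function rather than in a file that gets backed up every night.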
