Seeing everyone so actively claiming topics, I could not help claiming one too. What follows is a brief discussion of attacks on Linux system passwords and how to prevent them.
In early Linux systems, the /etc/passwd file held the system information for each user. The user's password was run through a certain algorithm and the result (a visible string) was stored in the passwd file; the encryption strength was not significant. So in the early days, once an attacker obtained /etc/passwd, the battle for the system was half won.
Later, as security requirements rose, the encrypted passwords were separated from the passwd file: the encrypted password and other supporting information are stored in the shadow file. The form in which passwords are saved and the encryption algorithm used can be set with the /usr/sbin/authconfig program.
When a user logs in, the password entered is run through the same computation and the result is compared with what is stored in /etc/passwd and /etc/shadow. If they match, the login is allowed; otherwise it is refused.
A strong password should be at least 8 characters long and should not contain personal information (such as a birthday, name, user name, or computer model; also try not to attach phone numbers or strings such as 2002, 2000, 888 to the password). Ordinary English words are a poor choice (because they fall to dictionary attacks). It is best to include some non-letter characters (such as digits, punctuation marks, control characters), and try not to write the password down on paper or in a computer file. A good password is a string of unrelated letters joined with digits or control characters, with a length of not less than eight.
To force users to choose sufficiently strong passwords, modify the PASS_MIN_LEN parameter (minimum password length) in the /etc/login.defs file. At the same time, password lifetime should be limited so that passwords are changed regularly; it is recommended to modify the PASS_MIN_DAYS parameter (password usage time). Typical Linux settings are shown in Figure 1.
Figure 1
Linux uses the DES (the encryption function is crypt) or MD5 (the function type is Md) encryption algorithm; because of the large amount of computation involved, they are almost impossible to reverse. A DES password ciphertext is a string of 13 ASCII characters, while an MD5 password ciphertext always begins with the characters "$1$". That covers the background; next comes a demonstration. Figure 2 shows a compromised Red Hat family Linux host: a remote intruder used an overflow against the server to obtain root login privileges.
Figure 2
How can the root user's password be found? The intruder opened the /etc/passwd file, shown in Figure 3.
Figure 3
It appears that the accounts on this host use shadow-encrypted passwords. Next, look at /etc/shadow, shown in Figure 4.
Figure 4
The string after the colon that follows root is the encrypted password. The cracking work begins.
There are many Linux password cracking tools, such as John the Ripper, Crack by Alec Muffett, and Cracker Jack; of these, John the Ripper is the most powerful and the fastest.
The /etc/shadow file was downloaded to a local machine and first tried with John the Ripper's simple mode, but with no result, as shown in Figure 5.
Figure 5
Then a dictionary was attached and the attempt repeated. Here "-w=1.txt" specifies the dictionary file. Soon the root password came out; it was "bigapple". This is shown in Figure 6.
Figure 6
With the root password, later access to the server becomes convenient.
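For the defending administrator, the two signals described above (the 13-character DES and "$1$" MD5 ciphertext formats, and the PASS_MIN_LEN setting in /etc/login.defs) can be checked in an audit. The following is an added example, not part of the original article; the function names and the sample file contents are constructed for illustration.

```python
import re

# DES crypt output: exactly 13 characters from the crypt alphabet.
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

def classify_hash(field):
    """Classify the password field of one /etc/shadow entry."""
    if field == "":
        return "empty"    # no password set at all
    if field[0] in "!*":
        return "locked"   # password login disabled
    if field.startswith("$1$"):
        return "md5"
    return "des" if DES_RE.match(field) else "other"

def audit_shadow(text):
    """Return (user, scheme) for entries stored as DES, MD5 or empty."""
    findings = []
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) < 2:
            continue
        scheme = classify_hash(parts[1])
        if scheme in ("des", "md5", "empty"):
            findings.append((parts[0], scheme))
    return findings

def audit_login_defs(text, min_len=8):
    """Return (PASS_* settings, True if PASS_MIN_LEN is missing or < min_len)."""
    settings = {}
    for line in text.splitlines():
        tokens = line.split("#", 1)[0].split()   # drop comments
        if len(tokens) == 2 and tokens[0].startswith("PASS_") and tokens[1].isdigit():
            settings[tokens[0]] = int(tokens[1])
    return settings, settings.get("PASS_MIN_LEN", 0) < min_len

# Constructed sample input, not taken from any real system.
SAMPLE_SHADOW = """root:$1$CONSTRUC$TEDxxxxxxxxxxxxxxxxxxx:12000:0:99999:7:::
bin:*:12000:0:99999:7:::
alice:abJnggxhB/yWI:12000:0:99999:7:::
"""
SAMPLE_DEFS = """# constructed /etc/login.defs excerpt
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
"""

if __name__ == "__main__":
    print(audit_shadow(SAMPLE_SHADOW), audit_login_defs(SAMPLE_DEFS))
```

Accounts reported as "des" or "md5" are the ones whose passwords should be reset under a stronger storage scheme, and a flagged PASS_MIN_LEN means the 8-character minimum recommended above is not being enforced.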