Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How can someone hack into a Linux server ?
Special Forums Cybersecurity How can someone hack into a Linux server ? Post 302827659 by smiff on Sunday 30th of June 2013 07:57:54 AM
Old 06-30-2013
Anything open to access is part of the attack surface and can be attacked though whether this allows a successful hack is another matter.

The only way to secure a server is consider attacks and what you can do to prevent them.

In your case, you may have strong passwords, but are you going to know if someone tries your root account 506938 times with a brute force attack until they happen to find your password? Does your version of openssh have any security vulnerabilities that are remotely vulnerable? If you give someone else access, how do you know that they are changing things appropriately and not introducing vulnerabilities?
 

5 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Hack CPU Utilization

Hi friends, I am currently working on an issue where i should write a program which utilizes Cpu as specified by the user. The function should be provided with an argument ( how much percentage of CPU has to be utilized by the process ) for example CPU(75) should utilize 75% of CPU. The function... (11 Replies)
Discussion started by: nerdychandru
11 Replies

2. Solaris

tty hack

hi all, what i want to do when user open terminal like tty5 and do his work i want to see his terminal how can i do this (1 Reply)
Discussion started by: xxmasrawy
1 Replies

3. IP Networking

how to hack linux driver to delay incoming packets

hello, can anyone suggest how to delay the incoming packets ?? or how the packets are prossed inside the kernal and a way to make the packets wait a while?? it wud be vry helpful regards sameer (7 Replies)
Discussion started by: sameer kulkarni
7 Replies

4. Red Hat

Hack a centos Linux box

HI, I have a Centos linux box and there is interface connect to internet. I stop the iptables in this box . After a few day , I find the linux box have been hacked and install some perl script into the box . Could anyone tell me how the hacker can login into the centos box without knowing... (1 Reply)
Discussion started by: chuikingman
1 Replies

5. Homework & Coursework Questions

Configure the AD Window server with Linux server(google Authenticator is installed)

Hi my name is Manju. ->I have configure the two way authentication on my linux server. ->Now I am able to apply two way authenticator on particuler user. ->Now I want to map this linux server to my AD server. ->Kindly tell me how to map AD(Active Directory) with this linux server. ... (2 Replies)
Discussion started by: manjusharma128
2 Replies

LEARN ABOUT SUSE

pwgen

PWGEN(1)						      General Commands Manual							  PWGEN(1)

NAME

       pwgen - generate pronounceable passwords

SYNOPSIS

       pwgen [ OPTION ] [ pw_length ] [ num_pw ]

DESCRIPTION

       The  pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible.  Human-memo-
       rable passwords are never going to be as secure as completely completely random passwords.  In particular,  passwords  generated  by  pwgen
       without	the -s option should not be used in places where the password could be attacked via an off-line brute-force attack.   On the other
       hand, completely randomly generated  passwords have a tendency to be written down, and are subject to being compromised in that fashion.

       The pwgen program is designed to be used both interactively, and in shell scripts.   Hence,  its  default  behavior  differs  depending	on
       whether the standard output is a tty device or a pipe to another program.  Used interactively, pwgen will display a screenful of passwords,
       allowing the user to pick a single password, and then quickly erase the screen.	This prevents someone from being able to  "shoulder  surf"
       the user's chosen password.

       When  standard  output  (stdout)  is  not  a tty, pwgen will only generate one password, as this tends to be much more convenient for shell
       scripts, and in order to be compatible with previous versions of this program.

       In addition, for backwards compatibility reasons, when stdout is not a tty and secure password generation  mode	has  not  been	requested,
       pwgen  will  generate  less secure passwords, as if the -0A options had been passed to it on the command line.  This can be overriden using
       the -nc options.  In the future, the behavior when stdout is a tty may change, so shell scripts using pwgen should explicitly  specify  the
       -nc or -0A options.  The latter is not recommended for security reasons, since such passwords are far too easy to guess.

OPTIONS

       -0, --no-numerals
	      Don't include numbers in the generated passwords.

       -1     Print the generated passwords one per line.

       -A, --no-capitalize
	      Don't bother to include any capital letters in the generated passwords.

       -a, --alt-phonics
	      This option doesn't do anything special; it is present only for backwards compatibility.

       -B, --ambiguous
	      Don't  use  characters that could be confused by the user when printed, such as 'l' and '1', or '0' or 'O'.  This reduces the number
	      of possible passwords significantly, and as such reduces the quality of the passwords.  It may be useful	for  users  who  have  bad
	      vision, but in general use of this option is not recommended.

       -c, --capitalize
	      Include at least one capital letter in the password.  This is the default if the standard output is a tty device.

       -C     Print the generated passwords in columns.  This is the default if the standard output is a tty device.

       -N, --num-passwords=num
	      Generate num passwords.  This defaults to a screenful if passwords are printed by columns, and one password.

       -n, --numerals
	      Include at least one number in the password.  This is the default if the standard output is a tty device.

       -H, --sha1=/path/to/file[#seed]
	      Will  use  the  sha1's  hash  of given file and the optional seed to create password. It will allow you to compute the same password
	      later, if you remember the file, seed, and pwgen's options used.	ie: pwgen -H ~/your_favorite.mp3#your@email.com gives  a  list	of
	      possibles passwords for your pop3 account, and you can ask this list again and again.

	      WARNING:	The  passwords	generated  using  this option are not very random.  If you use this option, make sure the attacker can not
	      obtain a copy of the file.  Also, note that the name of the file may be easily available	from  the  ~/.history  or  ~/.bash_history
	      file.

       -h, --help
	      Print a help message.

       -s, --secure
	      Generate	completely  random,  hard-to-memorize  passwords.   These  should only be used for machine passwords, since otherwise it's
	      almost guaranteed that users will simply write the password on a piece of paper taped to the monitor...

       -v, --no-vowels
	      Generate random passwords that do not contain vowels or numbers that might be mistaken for vowels.  It provides  less  secure  pass-
	      words to allow system administrators to not have to worry with random passwords accidentally contain offensive substrings.

       -y, --symbols
	      Include at least one special character in the password.

AUTHOR

       This  version  of pwgen was written by Theodore Ts'o <tytso@alum.mit.edu>.  It is modelled after a program originally written by Brandon S.
       Allbery, and then later extensively modified by Olaf Titz,  Jim Lynch, and others.  It was rewritten from scratch by Theodore Ts'o  because
       the original program was somewhat of a hack, and thus hard to maintain, and because the licensing status of the program was unclear.

SEE ALSO

       passwd(1)

pwgen version 2.05						   January 2006 							  PWGEN(1)
All times are GMT -4. The time now is 01:07 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy