Solaris

Hello Admins,

I just have a curious question on unix passwords...

As unix passwords are encrypted, so any hacker can took those passwds from etc/shadow and decrypt them using any algorithms....and using decryption, he can get the passwd and easily get into the system.....

so how can unix be so secure as compared to windows...........

I am not talking about any firewalls and networking issue...just about the passwords.........


Thanks,
Solarisadmin

Only the root user can read /etc/shadow. root should be restricted to administrators only. if a hacker has compromised root the /etc/shadow would be the least of your worries. the algorithms used to encrypt passwords are one-way hashes -- eg: they cannot be decrypted. the method to determine what passwords are in /etc/shadow are to encrypt a dictionary/word list using the salt used in the password hash and then compare the result against. This is why you do not want to use passwords based on dictionary or common words.

ok.

So overall is hacker can't decrypt the passwords.....

and unix is secure... Is that so......

if it is a very strong password it would be extremely difficult to crack with current computers available but if the hacker can read /etc/shadow you have much bigger problems then your passwords.

any system can be secured if setup and maintained properly. the same rules apply to any operating system.

With solaris you can use different hashing algorithims in the shadow file by modifying /etc/security/policy.conf.

Solaris also has what is called trusted extensions that allow for security labels on processes and files. So a process has to have a security label at or above the label on the file to even be able to see it.

Solaris also has a virtualization technology called zones that allow virtual machines with their own security configuration without the overhead of running a completely seperate OS.

Solaris also has a robust RBAC system that can allow a managable way to devide administration roles.

Solaris has whats called BART to monitor files for tamparing.

Solaris has a configurable audit system that allows you to track certain operations.

This is a very brief and simplistic overview of some of the features that make Solaris very secure.

None of this matters without users educated on how to resist social engineering.