Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Unix/Solaris security?
Operating Systems Solaris Unix/Solaris security? Post 302475399 by snchaudhari2 on Sunday 28th of November 2010 03:23:38 PM
Old 11-28-2010
Unix/Solaris security?
Hello Admins,

I just have a curious question on unix passwords...

As unix passwords are encrypted, so any hacker can took those passwds from etc/shadow and decrypt them using any algorithms....and using decryption, he can get the passwd and easily get into the system.....

so how can unix be so secure as compared to windows...........

I am not talking about any firewalls and networking issue...just about the passwords.........


Thanks,
Solarisadmin
 

5 More Discussions You Might Find Interesting

1. News, Links, Events and Announcements

Solaris vs Linux Security

have a look: http://www.softpanorama.org/Solaris/Whitepaper/index.shtml#Executive_Summary gP (4 Replies)
Discussion started by: pressy
4 Replies

2. Solaris

Solaris 8 security log issue

Hi all, I'm using Solaris 8 right now. Recently I've a task that needs to log down all unsuccessful login to a log for auditing purpose. What steps do I have to take to log down all login failure logs? Do I've to edit a certain file for it or done by the X-window mode? BTW, do I have to... (2 Replies)
Discussion started by: heero
2 Replies

3. Solaris

Solaris 9 security

Hi all, I have some questions for you about Solaris 9 security (if you also know the answers for Red Hat enterprise linux 3 et HP UX 11i, this would help too). I have already found many documents about general UNIX security, but some points are still obscure. Please take time to try to help... (3 Replies)
Discussion started by: Aaclof
3 Replies

4. Solaris

Solaris user Security implementation

Hi gurus, Need you help here: How we can implement I have edited /etc/default/login as TIMEOUT=60 But user is not Logged out after 60 sec inactivity. How we can implement this? e.g 3 bad passwords and the user is locked. And it is locked for certain period e.g 20 min. (1 Reply)
Discussion started by: Asteroid
1 Replies

5. Shell Programming and Scripting

Solaris Security toolkit to mysql

Hi every body! Any one ever tried to inject the output of JASS into mysql or know of a method or script to do this Thk Dan (0 Replies)
Discussion started by: Ex-Capsa
0 Replies

LEARN ABOUT DEBIAN

makepasswd

makepasswd(1)						       UNIX Reference Manual						     makepasswd(1)

NAME

       makepasswd - generate and/or encrypt passwords

SYNOPSIS

       makepasswd [ --chars N ] [ --clearfrom file ] [ --count N ] [ --crypt | --nocrypt | --crypt-md5 ] [ --cryptsalt N ] [ --help ] [ --maxchars
       N ] [ --minchars N ] [ --randomseed N ] [ --rerandom N ] [ --repeatpass N ] [ --string string ] [ --verbose | --noverbose ]

DESCRIPTION

       makepasswd generates true random passwords using /dev/urandom, with the emphasis on security over pronounceability.  It	can  also  encrypt
       plaintext passwords given on the command line.

OPTIONS

       --chars N
	      Generate passwords with exactly N characters (do not use with options --minchars and --maxchars).

       --clearfrom FILE
	      Use password from FILE instead of generating passwords.  Requires the --crypt or the --crypt-md5 options; may not be used with these
	      options: --chars, --maxchars, --minchars, --count, --string, --nocrypt.  Trailing newlines are removed but other white space is not.

       --count N
	      Produce a total of N passwords (the default is one).

       --crypt
	      Produce encrypted passwords.

       --crypt-md5
	      Produce encrypted passwords using the MD5 digest (hash) algorithm.

       --cryptsalt N
	      Use crypt() salt N, a positive number <= 4096.  If random seeds are desired, specify a zero value (the default).

       --help Ignore other operands and produce only a help display.

       --maxchars N
	      Generate passwords with at most N characters (default = 10).

       --minchars N
	      Generate passwords with at least N characters (default = 8).

       --nocrypt
	      Do not encrypt the generated password(s) (the default).

       --noverbose
	      Display no labels on output (the default).

       --randomseed N
	      Use random number seed N, between 0 and 2^32 inclusive.  A zero value results in a  real-random  seed.   This  generates	much  less
	      secure passwords than the default; not only does it generate predictable passwords due to the fixed seed, but the range of available
	      seeds is 32 bits rather than the default of 256 bits, and cannot be changed without breaking expectations of previous users of  this
	      option.  If possible, do not use this option.

       --rerandom N
	      Set  the random seed value every N values used.  Specify zero to use a single seed value (the default). Specify one to get true-ran-
	      dom passwords, though note that doing this too frequently will deplete the supply of entropy available in the kernel's entropy pool.

       --repeatpass N
	      Use each password N times (4096 maximum, --crypt must be set and --cryptsalt may not be set).

       --string STRING
	      Use the characters in STRING to generate random passwords.

       --verbose
	      Display labelling information on output.

HISTORY

       makepasswd was originally part of the mkircconf program used to centrally administer the Linux Internet Support	Cooperative  IRC  network.
       It may potentially be of use in any situation where passwords must be secure and need not be memorized by humans.

       Colin Watson modified it to use OpenSSL's pseudo-random number generator.

COPYRIGHT

       Copyright  (c) 1997-1998 by lilo <lilo@linpeople.org>.  All rights are reserved by the author.  This program may be used under the terms of
       version 2 of the GNU Public License.

SEE ALSO

       passwd(5)

Debian Distribution						  1998 February 9						     makepasswd(1)
All times are GMT -4. The time now is 05:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy