Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Unix/Solaris security?
Operating Systems Solaris Unix/Solaris security? Post 302475403 by snchaudhari2 on Sunday 28th of November 2010 03:43:38 PM
Old 11-28-2010
ok.

So overall is hacker can't decrypt the passwords.....

and unix is secure... Is that so......
 

5 More Discussions You Might Find Interesting

1. News, Links, Events and Announcements

Solaris vs Linux Security

have a look: http://www.softpanorama.org/Solaris/Whitepaper/index.shtml#Executive_Summary gP (4 Replies)
Discussion started by: pressy
4 Replies

2. Solaris

Solaris 8 security log issue

Hi all, I'm using Solaris 8 right now. Recently I've a task that needs to log down all unsuccessful login to a log for auditing purpose. What steps do I have to take to log down all login failure logs? Do I've to edit a certain file for it or done by the X-window mode? BTW, do I have to... (2 Replies)
Discussion started by: heero
2 Replies

3. Solaris

Solaris 9 security

Hi all, I have some questions for you about Solaris 9 security (if you also know the answers for Red Hat enterprise linux 3 et HP UX 11i, this would help too). I have already found many documents about general UNIX security, but some points are still obscure. Please take time to try to help... (3 Replies)
Discussion started by: Aaclof
3 Replies

4. Solaris

Solaris user Security implementation

Hi gurus, Need you help here: How we can implement I have edited /etc/default/login as TIMEOUT=60 But user is not Logged out after 60 sec inactivity. How we can implement this? e.g 3 bad passwords and the user is locked. And it is locked for certain period e.g 20 min. (1 Reply)
Discussion started by: Asteroid
1 Replies

5. Shell Programming and Scripting

Solaris Security toolkit to mysql

Hi every body! Any one ever tried to inject the output of JASS into mysql or know of a method or script to do this Thk Dan (0 Replies)
Discussion started by: Ex-Capsa
0 Replies

LEARN ABOUT DEBIAN

filter::decrypt

decrypt(3pm)						User Contributed Perl Documentation					      decrypt(3pm)

NAME

       Filter::decrypt - template for a decrypt source filter

SYNOPSIS

	   use Filter::decrypt ;

DESCRIPTION

       This is a sample decrypting source filter.

       Although this is a fully functional source filter and it does implement a very simple decrypt algorithm, it is not intended to be used as
       it is supplied. Consider it to be a template which you can combine with a proper decryption algorithm to develop your own decryption
       filter.

WARNING

       It is important to note that a decryption filter can never provide complete security against attack. At some point the parser within Perl
       needs to be able to scan the original decrypted source. That means that at some stage fragments of the source will exist in a memory
       buffer.

       Also, with the introduction of the Perl Compiler backend modules, and the B::Deparse module in particular, using a Source Filter to hide
       source code is becoming an increasingly futile exercise.

       The best you can hope to achieve by decrypting your Perl source using a source filter is to make it unavailable to the casual user.

       Given that proviso, there are a number of things you can do to make life more difficult for the prospective cracker.

       1.   Strip the Perl binary to remove all symbols.

       2.   Build the decrypt extension using static linking. If the extension is provided as a dynamic module, there is nothing to stop someone
	    from linking it at run time with a modified Perl binary.

       3.   Do not build Perl with "-DDEBUGGING". If you do then your source can be retrieved with the "-Dp" command line option.

	    The sample filter contains logic to detect the "DEBUGGING" option.

       4.   Do not build Perl with C debugging support enabled.

       5.   Do not implement the decryption filter as a sub-process (like the cpp source filter). It is possible to peek into the pipe that
	    connects to the sub-process.

       6.   Check that the Perl Compiler isn't being used.

	    There is code in the BOOT: section of decrypt.xs that shows how to detect the presence of the Compiler. Make sure you include it in
	    your module.

	    Assuming you haven't taken any steps to spot when the compiler is in use and you have an encrypted Perl script called "myscript.pl",
	    you can get access the source code inside it using the perl Compiler backend, like this

		perl -MO=Deparse myscript.pl

	    Note that even if you have included the BOOT: test, it is still possible to use the Deparse module to get the source code for
	    individual subroutines.

       7.   Do not use the decrypt filter as-is. The algorithm used in this filter has been purposefully left simple.

       If you feel that the source filtering mechanism is not secure enough you could try using the unexec/undump method. See the Perl FAQ for
       further details.

EXAMPLES

       See /usr/share/doc/libfilter-perl/examples/decrypt/ for examples of encryption and decryption scripts using this filter.

AUTHOR

       Paul Marquess

DATE

       19th December 1995

perl v5.14.2							    2012-06-22							      decrypt(3pm)
All times are GMT -4. The time now is 08:40 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy