How to stop future viruses.

Richard A. O'Keefe ok at quintus.uucp
Thu Nov 10 19:59:56 AEST 1988


In article <16768 at agate.BERKELEY.EDU> greg at math.Berkeley.EDU (Greg) writes:
>Secondly, your approach will no longer work with the advent of the
>salt, the 12 random bits stored in the clear with the encrypted
>password.  You would have to encrypt the dictionary 4096 times, or be
>content with cracking a much smaller portion of the password file.  It
>would be good to expand the salt to 36 bits, just to make sure that you
>can't preencrypt even a small dictionary.

I'm afraid the salt is not much protection.  I'm not going to explain why,
but read the crypt(3) manual page carefully...



More information about the Comp.unix.wizards mailing list