[K12OSN] uh oh

[Rob Owens]

All passwords are stored in an encrypted state.  I've read that the encryption is possible to break, simply by creating a known password and seeing how it looks encrypted.  Do this enough times and you'll have the encryption figured out.  This works as long as you (the cracker) have read access to the passwords file.  "Shadow passwords" handles this by moving the encrypted passwords to a location that only root can view.  I'm not sure what K12LTSP uses by default, but I imagine it's shadow passwords.

Anyway, I'm sure there must be a utility somewhere to crack passwords.  You, being root and being able to see the encoded passwords even if they are "shadow passwords", if you can find such a utility will be able to find out what your password was changed to.  If it was changed to "bigfatjerk" or something, you can assume it was done by a disgruntled student.  Or you may find that you've had a brain fart and are trying to enter your home password instead of your work password, etc.

-Rob


 --- On Wed 12/15, anthony baldwin < anthonybaldwin at snet.net > wrote:
From: anthony baldwin [mailto: anthonybaldwin at snet.net]
To: k12osn at redhat.com
Date: Wed, 15 Dec 2004 22:49:18 -0500
Subject: Re: [K12OSN] uh oh

Burke Almquist wrote:<br>> Someone probably figured out your user password and changed it.<br>> <br>> On Dec 15, 2004, at 4:04 PM, anthony baldwin wrote:<br>> <br>>> I ended up rebooting the machine and logging in as root, checked users <br>>> & groups settings, and, sure enough,<br>>> appeared as though my password has been changed.<br>>> The root password was not altered, just my user password.<br>>> Could this mean that my machine was somehow compromised?<br>> <br>> <br>> _______________________________________________<br>> K12OSN mailing list<br>> K12OSN at redhat.com<br>> https://www.redhat.com/mailman/listinfo/k12osn<br>> For more info see <http://www.k12os.org><br>> <br><br>This would have to have been done remotely.<br>The computer was alone in my room at home all day,<br>but connected to the internet.<br><br>How may I check this out further?<br><br>-- <br>Anthony Baldwin<br>http://www.School-Library.net<br>Freedom to Learn!<br><br>-----BEGIN GEEK CODE BLOCK-----<br>GED!
$/L/P/FA d? s: a C++ L++ W++ N++ K- w--- M+ PS++<br>PE-- Y+ PGP- t+ tv-- b++(b++++) D? G e++++ h++ r--- y?<br>------END GEEK CODE BLOCK------<br><br>_______________________________________________<br>K12OSN mailing list<br>K12OSN at redhat.com<br>https://www.redhat.com/mailman/listinfo/k12osn<br>For more info see <http://www.k12os.org><br>

_______________________________________________
No banners. No pop-ups. No kidding.
Make My Way your home on the Web - http://www.myway.com