Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Identifying user password

Posted on 2001-07-11
5
Medium Priority
?
250 Views
Last Modified: 2010-04-21
If a user telnets into the Unix system, successfully logs on and then walks away from the PC, is there any way another person could walk up and quickly learn the first user's password? What about pg_passwd?
0
Comment
Question by:rsorrent
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 3

Expert Comment

by:interiot
ID: 6274228
From the crypt(3) man page:

crypt is the password encryption function. It is based on a one way hashing encryption algorithm...


So, ideally, no.  There are still many other security problems though.  For instance, if that user has placed that account in some of his other accounts' .rhosts files, and someone visits a still-logged-in-terminal, the guest will be able to potentially all of the user's accounts.  Among other things...
0
 
LVL 40

Accepted Solution

by:
jlevie earned 400 total points
ID: 6275239
As interiot pointed out, there are other more significant risks to leaving a login session unattended. One thing that he didn't mention is the possibility of a trojan being placed in the user's home directory that could be used to capture a password if the user then accesses some other system remotely. And of couse the malicious passerby might be able to see and capture the encrypted passwords on the system for that and other accounts. With those a determined attacker can the use crack to recover the plaintext password. Any encrypted password can cracked, given enough CPU time, and since most users won't choose really good passwords unless forced to one can usually recover several passwords on the average system in short order.

Now if you are really concerned about password leakage you'll want to disable telnet, rlogin, and ftp entirely and only allow the use of ssh, scp, and sftp. Anyone on the network that is within the collision domain of a server can use a network sniffer to capture all of the plaintext usernames and passwords they could ever want.
0
 

Author Comment

by:rsorrent
ID: 6276860
What if I am the passer-by and wish to quickly capture the user's password? Is there no simple method?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6278141
No there is no "simple method" Unix systems don't keep plaintext copies of a user's password around. You either have to attempt a recovery of the plaintext equivalent of the encrypted password or capture the plaintext password " on the fly".
0
 

Author Comment

by:rsorrent
ID: 6278148
Thanks for the education
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question