[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: äðãåï: Re: What did I do right?
Alex Shnitman wrote:
> I don't know how exactly his configuration works, but FWIW if you're
> using shadow passwords from a Solaris server, a user cannot ypcat
> passwd.adjunct, only root can. And if you're going to authenticate
> users from a central service on the network, be it NIS or anything
> else, how can you prevent the sniffing problem? Short of using
> something totally different a la Kerberos, you can't. (Am I right that
> Kerberos uses a challenge-response scheme that alleviates the sniffing
> problem?)
No, Kerberos is vulnerable to dictionary attacks against encrypted
passwords as well.
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il