Bugtraq mailing list archives
Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0
From: Rainer Duffner <rainer () ultra-secure de>
Date: Sat, 11 Feb 2006 01:03:40 +0100
Solar Designer wrote:
Finally, often it is preferable to not spend lots of disk space and lots of time and/or bandwidth to generate or download rainbow tables, -- and also to not reveal your password hashes to a third party (such as one of the online rainbow tables based cracking services).
I don't think such a move (upload hash to 3rd-party site) is covered with any sensible pen-tester NDA (and related work).
(Though professional pentesters might have their own set of rainbow-tables) So, this is a good reason, still. cheers, Rainer
Current thread:
- John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 Solar Designer (Feb 09)
- <Possible follow-ups>
- RE: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 Amin Tora (Feb 10)
- Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 Solar Designer (Feb 10)
- Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 Rainer Duffner (Feb 15)
- Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 Aaron (Feb 15)
- Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 Solar Designer (Feb 10)