Found, a new rootkit
John Summerfied
debian at herakles.homelinux.org
Wed Apr 5 13:17:09 UTC 2006
Les Mikesell wrote:
> On Tue, 2006-04-04 at 23:04, Mikkel L. Ellertson wrote:
>
>>You keep copies of the old encrypted passwords around, and compare
>>the new one to them. If they match, reject the password. After all,
>>you do that to the current one every time someone tries to log in.
Create a test account, fred.
Set fred's password to, say, derf.
Take a note of the encrypted password.
Change Fred's password to derf.
Compare with the previous encrypted password. Are they the same?
--
Cheers
John
-- spambait
1aaaaaaa at computerdatasafe.com.au Z1aaaaaaa at computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
do not reply off-list
More information about the users
mailing list