[sf-lug] John the Ripper

Kristian Erik Hermansen kristian.hermansen at gmail.com
Fri Jan 25 09:13:35 PST 2008


On Jan 25, 2008 3:12 AM, Rick Moen <rick at linuxmafia.com> wrote:
> FWIW, my point (earlier) was that the main usage of John the Ripper and
> predecessors -used- to be by the bad guys, running it against _other_
> people's /etc/passwd files -- back in the days when that file was
> world-readable, i.e., before shadow passwords blocked that avenue of
> attack.

Best book to read which illustrates this is Cliff Stoll's 'Cuckoo's
Egg'.  This is the book that I read when I was a kid that got me even
more interested in security -- and landed me in the profession.  The
story is so amazing and incredible that you would think it was a plot
designed for film, but it was real and Stoll documents the evidence
quite well.  Probably one of my most influential readings.  Oh, and in
the book the attackers utilized that snazzy emacs bug...
-- 
Kristian Erik Hermansen
"Know something about everything and everything about something."




More information about the sf-lug mailing list