[CentOS] an actual hacked machine, in a preserved state
Leonard den Ottolander
leonard at den.ottolander.nl
Tue Jan 3 09:08:40 UTC 2012
Hello Craig,
On Mon, 2012-01-02 at 01:04 -0700, Craig White wrote:
> Very often, a single user with a
> weak password has his account cracked and then a hacker can get a copy
> of /etc/shadow and brute force the root password.
This is incorrect. The whole reasoning behind /etc/shadow is to hide the
actual hashes from normal system users. /etc/shadow is chown root.root
and chmod 0400. Without root access /etc/shadow is not accessible.
Regards,
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
More information about the CentOS
mailing list