Xref: utzoo rec.games.mud:2745 alt.security:2054 comp.unix.wizards:24629 Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!mips!sgi!shinobu!odin!pkr From: pkr@sgi.com (Phil Ronzone) Newsgroups: rec.games.mud,alt.security,comp.unix.wizards Subject: Re: Hacking Message-ID: <1991Apr1.173824.20323@odin.corp.sgi.com> Date: 1 Apr 91 17:38:24 GMT References: <1991Mar27.041126.9886@news.miami.edu> <1991Mar27.094325.24599@en.ecn.purdue.edu> Sender: news@odin.corp.sgi.com (Net News) Organization: Cold War Victory Parade Float Construction Company Lines: 23 In article pjnesser@mbunix.mitre.org (Nesser) writes: >Someone in this thread pointed out that the way to crack passwords is to >maintain a list of encrypted dictionary words and compare against that. I >just want to point out that this is an amazingly expensive way to do it >since you have to keep 4096 strings for each word. Disk space is getting >cheaper but ... It's not that I've figured out a great way to do it myself >but ... :-) Well, assuming 100,000 words of 13 characters each, for each of 4096 possibilities, that gives us 5,324,800,000 bytes. Now, with the 750MB and 1.2G 5.25" disk drives around, I'd probably have to have several of the drives, OR, maybe use a smaller dictionary. 100,000 words is a LOT of words ..... -- Philip K. Ronzone S e c u r e U N I X pkr@sgi.com Silicon Graphics, Inc. MS 9U-500 work (415) 335-1511 2011 N. Shoreline Blvd., Mountain View, CA 94039 fax (415) 969-2314 ...................................."Why, you little ........", Homer Simpson