Path: utzoo!mnetor!uunet!seismo!sundc!pitstop!sun!decwrl!labrea!polya!haddad
From: haddad@polya.STANFORD.EDU (Ramsey Haddad)
Newsgroups: sci.crypt
Subject: Re: Unix Password Hacker
Message-ID: <2085@polya.STANFORD.EDU>
Date: 26 Feb 88 17:48:49 GMT
References: <731@ddsw1.UUCP> <657@morningdew.BBN.COM> <1368@homxc.UUCP> <739@ddsw1.UUCP> <1118@uop.edu> <2584@crash.cts.com> <3234@bloom-beacon.MIT.EDU>
Reply-To: haddad@polya.UUCP (Ramsey Haddad)
Distribution: na
Organization: Stanford University
Lines: 21

In article <3234@bloom-beacon.MIT.EDU> jik@athena.mit.edu (Jonathan I. Kamens) writes:
>  However, we are at a large advantage in the area of
>/etc/passwd hacking, because usernames and passwords DO NOT APPEAR
>anywhere at all that is user-accessible, and they are never sent over
>the network in plaintext as is done when telnet'ing or rlogin'ing.
>Instead, when a user types in his password it is encrypted and sent to
>the kerberos-server, which compares it with its (crypted) password
>entry for the user.  If they match, the user passes, and if not, he
>has to login again.

Whether passwords are sent over the network in plaintext or encrypted
text is irrelevant.  The server grants access when given the login
string S.  If someone eavesdrops on the net, stores string S and later
plays back string S in order to gain access, it doesn't matter whether
the string S is plaintext or encrypted.

To get around this problem one needs to use public-key cryptography
and an interactive login protocol.

--
Ramsey W Haddad
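The replay problem described in the post above, as an added example that is not part of the original article: a server that accepts a fixed login string S is compared with an interactive login that binds each response to a fresh single-use nonce. Assumptions: all class and function names and the sample password are constructed for illustration, SHA-256 stands in for the one-way password transform, and an HMAC over the nonce with a shared key stands in for the public-key signature the post calls for (with public-key cryptography the client would sign the nonce and the server would hold only a verification key).

```python
import hashlib
import hmac
import secrets

PASSWORD = b"constructed-sample-password"  # constructed sample value

def crypt(pw):
    """Stand-in one-way transform of the password (assumption: SHA-256)."""
    return hashlib.sha256(pw).digest()

class StaticServer:
    """Grants access whenever it is given the fixed login string S."""
    def __init__(self, pw):
        self.s = crypt(pw)
    def login(self, s):
        return hmac.compare_digest(s, self.s)

class ChallengeServer:
    """Interactive login: each attempt must answer a fresh single-use nonce."""
    def __init__(self, pw):
        self.key = crypt(pw)
        self.outstanding = set()
    def challenge(self):
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce
    def login(self, nonce, response):
        if nonce not in self.outstanding:   # unknown or already used nonce
            return False
        self.outstanding.discard(nonce)     # a nonce is valid exactly once
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

def client_response(pw, nonce):
    return hmac.new(crypt(pw), nonce, hashlib.sha256).digest()

def demo():
    out = {}
    static = StaticServer(PASSWORD)
    s = crypt(PASSWORD)                      # bytes seen on the wire
    out["static_legit"] = static.login(s)
    out["static_replay"] = static.login(s)   # same bytes sent again later
    server = ChallengeServer(PASSWORD)
    n1 = server.challenge()
    r1 = client_response(PASSWORD, n1)       # bytes seen on the wire
    out["cr_legit"] = server.login(n1, r1)
    out["cr_replay_same_nonce"] = server.login(n1, r1)
    out["cr_replay_new_nonce"] = server.login(server.challenge(), r1)
    return out

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```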