Full Disclosure mailing list archives
Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords
From: Darren Reed <avalon () caligula anu edu au>
Date: Thu, 5 Jun 2003 13:57:40 +1000 (Australia/ACT)
In some mail from =?iso-8859-1?Q?Mads_Tans=F8?=, sie said:
Concerning point 1; It is not usual for irc servers to store clear passwords in the IRCD.config files. Hybrid uses hashed password made with mkpasswd, genesis uses rijndael, nnircd for a sample uses some kinda of hash (based on ircd2 if I dont remember to wrong). Using encrypted passwords are not cause of remote or local users, its just IF the server should get hacked it is not good to let the ircd.conf reveal the passwords. This also goes for linkpasswords. Imho the c/n's should also be a crypted line, but then again, thats my oppinion.
FWIW, you can put an encrypted password in N's but cleartest must go in C but it's tricky to get right. For one, you need to used asymetric passwords. Well, you used to be able to, anyway, I'm not sure if this is still supported. mkpasswd is inherited by hybrid from ircd2. Darren _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: IRCXpro 1.0 - Clear local and default remote admin passwords, (continued)
- Re: IRCXpro 1.0 - Clear local and default remote admin passwords IRCXpro Support (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Darren Reed (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords IRCXpro Support (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Darren Reed (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Michael Osten (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Darren Reed (Jun 04)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords morning_wood (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Васил Колев (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Shawn McMahon (Jun 04)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Darren Reed (Jun 03)
- Re: IRCXpro 1.0 - Clear local and default remote admin passwords IRCXpro Support (Jun 03)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Darren Reed (Jun 04)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords morning_wood (Jun 04)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Pablo Sol (Jun 04)
- Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords Darren Reed (Jun 04)