Crack is too slow!

Crack is too slow!

Post by Brent Burt » Thu, 17 Aug 1995 04:00:00




|Greetings!  With a bit of help, I have just installed Crack on my system.
|
|c) Any tips for increasing the speed of Crack?

Drink less coffee.

Seriously, a first run of crack will take a few days.  I routinely
run it on a SparcStation 20 (mostly idle), and it takes more than
a day to run through the password file (~600 entries now).  In fact,
I started it at 2:26pm Jul 18, and it finished at 11:20pm Jul 19.

During the fall/spring semesters we have ~3000 user accounts, and
a first run through the password file takes nearly a week.  Later
runs, however, are quicker.

-Brent

--
---------------------------------------------------------------------------
Brent Burton

 
 
 

Crack is too slow!

Post by Chris Wal » Thu, 17 Aug 1995 04:00:00




Quote:

>>c) Any tips for increasing the speed of Crack?

>Yes: don't use it.  You're much better off installing a replacement for
>/etc/passwd that prevents users from setting easily cracked passwords
>in the first place.

Replacing /etc/passwd will certainly solve many problems, but I suspect
it may create others :^).

Chris

 
 
 

Crack is too slow!

Post by David Claus » Thu, 17 Aug 1995 04:00:00


Greetings!  With a bit of help, I have just installed Crack on my system.
The problem is, I have a Sequent SE5000 system with 2 Pentium processors,
and with practically no CPU load besides Crack, Crack has been running
for 10 hours, and is only on its 13'th passwd entry.  I installed a
dictionary with 245,000 words.

Here are a couple of questions I have.  If you could help me out with
them or point me to a document which could help me, that would be
fabulous!

a) Since the UNIX passwords on my system are only 8 characters long,
   should I remove all words in the dictionary over 8 characters long?

b) Do you think the performance of UFC-Crypt is worth it's bad memory
   management spoken of in the Crack README?

c) Any tips for increasing the speed of Crack?

Thanks so much,
Dave Clausen

 
 
 

Crack is too slow!

Post by Michael Shiel » Thu, 17 Aug 1995 04:00:00




> Greetings!  With a bit of help, I have just installed Crack on my system.
> The problem is, I have a Sequent SE5000 system with 2 Pentium processors,
> and with practically no CPU load besides Crack, Crack has been running
> for 10 hours, and is only on its 13'th passwd entry.  I installed a
> dictionary with 245,000 words.

Note the last sentence.  Don't do that.
--
Shields.
 
 
 

Crack is too slow!

Post by Samuel Tardie » Fri, 18 Aug 1995 04:00:00


David> a) Since the UNIX passwords on my system are only 8 characters
David> long, should I remove all words in the dictionary over 8
David> characters long?

Even if passwords are only 8 chars long, people may choose to type
more (for example 'whiteboard'). If you remove 'whiteboard' from your
dictionary, you'll miss this one because 'whiteboa' is not (I think)
a regular word and won't be in your dictionary.

A better solution would be to truncate words to eight characters and
then remove duplicates. But once again, this is not a good solution :
people often reverse words, for example 'draobetihw', which will be
taken as 'draobeti' by your computer and won't be found by Crack if
you have truncated your entries.

  Sam
--
"La cervelle des petits enfants, ca doit avoir comme un petit gout de noisette"
                                                       Charles Baudelaire

 
 
 

Crack is too slow!

Post by Kevin A. Arch » Fri, 18 Aug 1995 04:00:00




>>>c) Any tips for increasing the speed of Crack?
>>Yes: don't use it.  You're much better off installing a replacement for
>>/etc/passwd that prevents users from setting easily cracked passwords
>>in the first place.
>Replacing /etc/passwd will certainly solve many problems, but I suspect
>it may create others :^).

Don'tcha hate it when the fingers go faster than the brain?  I meant,
of course, to replace your password program (e.g., /bin/passwd).

        - Kevin
--
Kevin Archie                    http://www.alumni.caltech.edu/~karchie


 
 
 

Crack is too slow!

Post by Lex Spo » Fri, 18 Aug 1995 04:00:00





: >>
: >>>c) Any tips for increasing the speed of Crack?
: >>Yes: don't use it.  You're much better off installing a replacement for
: >>/etc/passwd that prevents users from setting easily cracked passwords
: >>in the first place.

: >Replacing /etc/passwd will certainly solve many problems, but I suspect
: >it may create others :^).

: Don'tcha hate it when the fingers go faster than the brain?  I meant,
: of course, to replace your password program (e.g., /bin/passwd).

:       - Kevin

I dunno, I can come up with some /etc/passwd files that Crack will
zip through quite quickly!  :)

Or you could always just remove a few entries... :)

Lex

 
 
 

Crack is too slow!

Post by Dom De Vit » Fri, 18 Aug 1995 04:00:00



> Greetings!  With a bit of help, I have just installed Crack on my system.
> The problem is, I have a Sequent SE5000 system with 2 Pentium processors,
> and with practically no CPU load besides Crack, Crack has been running
> for 10 hours, and is only on its 13'th passwd entry.  I installed a
> dictionary with 245,000 words.

That quite a few for a static dictionary.(non-generated)

Quote:> Here are a couple of questions I have.  If you could help me out with
> them or point me to a document which could help me, that would be
> fabulous!
> a) Since the UNIX passwords on my system are only 8 characters long,
>    should I remove all words in the dictionary over 8 characters long?

No way. Then if I use 'newsgroup' backwords you won't find it.

Quote:> b) Do you think the performance of UFC-Crypt is worth it's bad memory
>    management spoken of in the Crack README?

Absolutely. Though if you're system is thrashing....

Quote:> c) Any tips for increasing the speed of Crack?

a) Read your compiler manual, cc -optimise-to-death -and-some-more
b) Edit the rules file down, or at least cut bits out :(

Dom

 
 
 

Crack is too slow!

Post by Brian E. Galle » Fri, 18 Aug 1995 04:00:00


Of course, you *did* build crack with ufc-crypt, right?  On my AViiON,
it only takes a couple of hours to run a 600-entry /etc/passwd.

=====================================================================
| It's nice to be important, but it's *important* to suck up to the |
| sysadmin  -- Me                                                   |
=====================================================================

=====================================================================

 
 
 

Crack is too slow!

Post by Szymon Sok » Fri, 18 Aug 1995 04:00:00


: Greetings!  With a bit of help, I have just installed Crack on my system.
: The problem is, I have a Sequent SE5000 system with 2 Pentium processors,
: and with practically no CPU load besides Crack, Crack has been running
: for 10 hours, and is only on its 13'th passwd entry.  I installed a
: dictionary with 245,000 words.

Don't use Crack. Use a proactive password checker hooked into /bin/passwd
(so that passwords are "checked" against Crack rules as the user *sets* the
new password - no need for encrypting 245,000 words in order to find this
one that matches...).

npasswd 2.0 which does exactly that
(http://uts.cc.utexas.edu/~clyde/npasswd.html for details).
--
                       Szymon Sokol -- Network Manager
U    U M     M M     M University of Mining and Metallurgy, Computer Center
U    U MM   MM MM   MM ave. Mickiewicza 30, 30-059 Krakow, POLAND
U    U M M M M M M M M TEL. +48 (12) 172885, 172894   FAX +48 (12) 338907
 UUUU  M  M  M M  M  M WWW page: http://www.uci.agh.edu.pl/~szymon/

 
 
 

Crack is too slow!

Post by Trey Breckenridg » Fri, 18 Aug 1995 04:00:00



>c) Any tips for increasing the speed of Crack?

If you have multiple machines available to you, use the -network option.
It also works very well with ONE machine.  I make a single quad processor
machine appear as four networked machines.

--
    Trey Breckenridge               Mississippi State University/NSF
     -Systems Administrator           ENGINEERING RESEARCH CENTER
     -Database Administrator                     for

 
 
 

Crack is too slow!

Post by Gord Matzigke » Fri, 18 Aug 1995 04:00:00


-----BEGIN PGP SIGNED MESSAGE-----

 JB> Do you (or anyone) have a suggestion as to what to replace
 JB> /BIN/passwd with that checks for pinheaded passwords?

Here is an announcement for anlpasswd-2.0.  We're using 2.3, available
from the same site.

It required a tiny bit of hacking to get into place on our SunOS 4.1.3
machines, but it was worth it.  If you like perl, I think it's the
best solution.  It wasn't much effort to add chfn and chsh support to
it, either.

Just read the source, and all will be clear.

- --Gordon

- --
Gordon Matzigkeit     |  Heck, it was only a TOASTER... lighten up!

Keyprint: D5 66 08 E0 4D F4 D7 7B 8A C8 8A 9C 7F 39 25 A7 - ID 339ABEB9

======================================================================

           Announcing "ANLpasswd" (formally perl-passwd2).

While other programs check for bad passwords after the fact, it is
important to have good passwords at all times, not just after the
latest Crack run.  To this end we have modified Larry Wall's Perl
password program and added;

        "ypsmarts", so that it does the intelligent thing in an NIS
        environment,

        it allows for gecos changes, and also

        checks a sorted list of all the "bad passwords".

The list of bad passwords are ALL the words that Crack will generate,
given all the dictionaries that we could get our hands on (107 MB of
unique words, so far). The combination of improvements has turned
publicly available code into a powerful tool that can aid sites in the
maintenance of local security.

We have presented this code at SURF 92 and SUG 92.  It has also been
referenced in _Unix Review_.

We have been using it for a year now and haven't had any major
problems.  I know that a couple other sites are also using it.  It
currently runs on: Sun, IBM, NeXT, SGI, Intel iPSC860, Alliant,
Encore, BBN TC200, Solbourne, Sequent.

Also if you enter a reasonable email address to our not-so-anonymous
ftp server, we will notify you of any updates.

It can be anonymous ftp'd from:

        info.mcs.anl.gov

You'll find the whole package in:

        /pub/systems/anlpasswd-2.0.tar.Z

If you find it useful, please let us know.  Also please let us know of
any improvements you may add.

- --Mark
Mark Henderson                                  Building 203  Room C-250
Manager, Advanced Computing                     9700 South Cass Avenue
Argonne National Laboratory                     Argonne, Illinois 60439

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMDOQECFsfCEzmr65AQHDyAP/Ryg4+k1BlKcfCA5i7OrG7huzZYzOrJEy
wefwQCjHW6PIHFN27ex0IOWR3ixr/URARh7aSczX1uxEO9zYi9ldT4kPj5mx0l5F
bmV4IDkexaJ8Ja4Fw6rZstYI2PAmt3uh7F/WEkFpTLJoJKZwXJDfkfKUzgZMW+F2
BBWvjMEBBM4=
=8h/2
-----END PGP SIGNATURE-----

 
 
 

Crack is too slow!

Post by Jim Boc » Fri, 18 Aug 1995 04:00:00


Do you (or anyone) have a suggestion as to what to replace
/BIN/passwd with that checks for pinheaded passwords?

Thanks in advance,
-Jim

(Please CC via e-mail)
----------------

En Technology, Inc.
78 Elm St., POB 657                             TEL: 603/863-1904
Newport, NH 03773-0657                          FAX: 603/863-9310

--Entropy isn't what it used to be.

 
 
 

Crack is too slow!

Post by Wes Felt » Fri, 18 Aug 1995 04:00:00



Quote:> Greetings!  With a bit of help, I have just installed Crack on my system.
> The problem is, I have a Sequent SE5000 system with 2 Pentium processors,
> and with practically no CPU load besides Crack, Crack has been running
> for 10 hours, and is only on its 13'th passwd entry.  I installed a
> dictionary with 245,000 words.

Do NOT remove from your dictionary words with more than eight characters
since your password program should allow them to be used.  It will just
truncate them back to eight characters.

-Wes

 
 
 

Crack is too slow!

Post by Wes Felt » Fri, 18 Aug 1995 04:00:00



Quote:> Greetings!  With a bit of help, I have just installed Crack on my system.
> The problem is, I have a Sequent SE5000 system with 2 Pentium processors,
> and with practically no CPU load besides Crack, Crack has been running
> for 10 hours, and is only on its 13'th passwd entry.  I installed a
> dictionary with 245,000 words.

This is a place where more is NOT better...having a hugh dictionary.  I
have another program similar to Crack and after removing all words with
less than five characters and cutting the words with more than eight
characters down to eight (though I'm not sure this was necessary) and
throwing out words that no one would ever use as passwords, my program
runs 15 times faster.  I would sure suggest setting up a special "short
version" dict for password cracking.  I still use my full dictionary for
checking passwords proactively.

-Wes

 
 
 

1. SCO 5.0.2 NSF is slow - VERY slow What am I doing wrong??

I have two machines with OpenServer 5.0.2 connected by TCP/IP.  rcp works,
rlogin works, telnet works, and ftp works.  But when I tried to experiemnt with
nsf I found out that it is slow - very slow.  

This is my PCs' specs.

pasta (pasta.takadom.org) 134.1.1.2
Pent-75
1.6GB/32MB
SMC 8432BT
/etc/exports
/u

sushi (sushi.takadom.org) 134.1.1.1
586-133
2.5GB/16MB
Intel EtherExpress 16
/etc/exports
/v

On sushi, I login as root and type "mount pasta:/u /usr/takakami/tempmount"

Response:
WARNING: NFS server pasta not responding, still trying
WARNING: NFS server pasta ok

#

This takes 5 minutes.  (from my command to getting a prompt back)

mount
/on /dev/root read/write on ******
/stand on ****************
/u on *********************
/v on ********************
/usr/takakami/tempmount on pasta:/u read/write on ******************

This is immediate.  

Then I do
cd/usr/takakami/tempmount

I go get my coffee, pick up my laundries.....  10 minutes later I get
#

Then I do l

Response
WARNING: NFS server pasta not responding, still trying
WARNING: NFS server pasta ok
WARNING: NFS server pasta not responding, still trying
WARNING: NFS server pasta ok

10 minutes later, I hit {del} to abort
#

After setting up tcp/ip to be able to do rcp, rlogin, telnet, ftp, the only
file I changed (added) was /etc/exports file.

I verified mountd, nfsd, pcnfsd, and biod was running.  Accroding to several
past posts, nfs get defined default when one install OpenServer 5.0.2.

What am I doing wrong here?  

The situation is similar the other way around (trying to nfs mount /v on sushi
from pasta)

Thanks!

2. ftp sessions thru masq hang -- is there a fix?

3. Have I been cracked or am I just clueless?

4. Sun 600MP Benchmark Anomaly

5. I was cracked, and am somewhat confused...

6. how to delete DrakeX?

7. I am seeking documeted proof of ircii dcc chat cracks

8. Solaris 2.5 mail groups

9. Am I cracking by someone?

10. Crack is slow?

11. Another IIS Crack? (Take a Crack)

12. c50a stop cracking after few days: T:1001249644:Crack: Done.

13. Netbios crack from cracked firewall?