Very Computer

Any help would be apreciated.
--

                                                        Mike Parzynski
                                                        DataLink Associates

It is normal.  Crack is incredibly slow (when you consider that for each
entry in /etc/passwd it is doing 500K encryptions, that's understandable).

The real solution, especially since you now know that your users are choosing
bad passwords, is to use one of the various passwd replacement utilities
that check for a proper password when they choose it.

: The real solution, especially since you now know that your users are choosing
: bad passwords, is to use one of the various passwd replacement utilities
: that check for a proper password when they choose it.

Please excuse the butt-insky, are any of the various passwd replacements
available for Solaris 2.X in an NIS environment?  I have been searching high
and low for about 6 months now.  I don't have the time nor knowledge to write
one myself, so I have been waiting for the author of npasswd to come out with
a NIS version.  If there is something out there that already works under NIS,
I would like to know about it.

Educating users in "Good Passwords 101" is fine, but half of them still choose
lousy passwords.

-------------------------------------------------------------------------------

TACTech, Inc.                                      Voice: (714) 974-7676 ext.15
Yorba Linda, CA

& It is normal.  Crack is incredibly slow (when you consider that for each
& entry in /etc/passwd it is doing 500K encryptions, that's understandable).

        In according to you, yes Crack is slow if running over a single host.

        are you using ufc-crypt ? if no, get it. README...

        UFC-crypt: ultra fast 'crypt' implementation
        ============================================

Design goals/non goals:
----------------------

- Crypt implementation plugin compatible with crypt(3)/fcrypt.

- High performance when used for password cracking.

- Portable to most 32/64 bit machines.

- Startup time/mixed salt performance not critical.

Features of the implementation:
------------------------------

- On most machines, UFC-crypt runs 30-60 times faster than crypt(3) when
  invoked repeated times with the same salt and varying passwords.

- With mostly constant salts, performance is about two to three times
  that of the default fcrypt implementation shipped with Alec
  Muffets 'Crack' password cracker. For instructions on how to
  plug UFC-crypt into 'Crack', see below.

- With alternating salts, performance is only about twice
  that of crypt(3).

- Tested on 680x0, 386, SPARC, MIPS, HP-PA, Convex, Cray,
  Pyramid and IBM RS/6000 systems as well as with gcc on IBM PS/2(DOS)
  and Linux on a 386 PC.

- Requires 165 kb for tables.

- UFC-crypt is known to have compilation problems on some micro computer
  C compilers (e.g. Turbo C++) due to its table sizes. Flame the vendors
  for placing arbitrary limitations on their products. Use & support the
  GNU C compiler, gcc.

        ...

        extract the ufc-crypt library at your Crack home directory
        as directory ufc-crypt. Crack will recognize automatically
        that you want to use ufc-crypt instead of crypt or fcrypt.

        "cd ~Crack/Sources ; make tests" performance results :

                 crypt  fcrypt  xform   ufc     (*crypt per secs)

        hp710    56.1   942.3   1070.1  1771.0
        hp715/50 50.5   986.6   1073.9  1866.2
        hp715/75 79.4   1719.8  1938.8  4385.3
        hp712/80 107.7  2496.8  2830.6  6566.7

        hp720    50.8   986.5   1080.8  1883.5
        hp730    74.5   1487.1  1660.2  3721.8
        hp735    99.2   2237.9  2494.7  5517.9

        ssIPC    21.6   325.9   375.5   802.7
        ssLX     43.4   428.2   475.6   937.0

        ss5      80.2   1098.3  1333.4  1673.6
        ss10     94.6   1097.5  1064.5  1361.8
        ss20     147.8  2039.8  2402.3  3276.0

        (values may change in relation to CPU charge)

        under Solaris, modify the ~Crack/{Sources,ufc-crypt}/Makefile to
        use the BSD compiler (required 4 bzero & gethostname) as :

CC=[ -f /usr/ucb/cc ] && CC=/usr/ucb/cc || CC=cc; $$CC

&&& /\ ufc-crypt /\ &&&&&&&&&&&&&&&&&&&&&&&&&&&&& \/ Crack -network ... \/ &&&

        if you are using a wide lan (more than one workstation :-)
        it is possible to start Crack in // over N workstations
        of N architectures.

        to do this, just update ~Crack/Scripts/network.conf
        (see comments in it) as :

hp-hostname:hppa:1875:::-n4:HP 9000/715-50 w/ ufc-crypt
sun-hostname:sun4:1945:::-n4:SUN SparcStation 5 w/ ufc-crypt

        ~Crack/Scripts/RCrack is buggy at :

"HP*UX")                  # Hewlett Packard boxen

        must be :

 HP*UX )                  # Hewlett Packard boxen

        then fireup Crack over the network as :

~Crack/Crack -network your_passwd_file_to_crack

        don't miss to update ~Crack/Crack as :

#!/bin/sh

PATH=/bin:/usr/bin:/usr/ccs/bin:/usr/ucb/bin:/usr/local/bin export PATH
#    ^^^^ HP compiler
#                  ^^^^^^^^^^^^ Solaris's make
#                               ^^^^^^^^^^^^ Solaris BSD compiler
#                                            ^^^^^^^^^^^^^^ if you have
#                                            gzipped ~Crack/Dicts/bigdicts

...

CRACK_HOME=/full_path_of/Crack-4.1

        I know that this is unordered, but... is the answer complete enough
        to help you ?

        have fun & good luck.
--
   The above opinions are all my own work, and do not represent those of EDF
  _____________________________________  _____________________________________
 /                                     \/                                     \

 |  Direction des Etudes & Recherches  |                                      |
 |   1, Avenue du General de Gaulle    |      Phone: +33 (1) 47 65 30 58      |
 |    92141 Clamart Cedex - France     |       Fax: +33 (1) 47 65 30 01       |
 \_____________________________________/\_____________________________________/