HowTo: Cracking Prevention
The best method of preventing your machines from being rooted is to make sure that people cannot access the encrypted password itself (thus are unable to decrypt/exploit/match/lookup and counter-measure it). Encrypted passwords used to be stored in a publicaly accessible file “/etc/passwd” file, from what I Understand, /etc/passwd refers to /etc/shadow and the main passwords on any new production machine are (or bloody should be) stored there. /etc/shadow should only be accessible by users with enhanced priveileges (system/root etc). Unfortunately many common network protocols transmit the hashed passwords to allow remote authentication, which is a problem at best.
Even if the attacker has no physical access to the /etc/shadow file itself, it is still possible to gain access to the hash, to crack at later times to exploit the system.
It’s important to choose good passwords, obviously?!!!
Also make sure your chosing a good encryption or hash algorithm that has stood the test’ of production server’s over the years. For instance:
- AES
- SHA-2
- MD5
You can also strengthen even a 10 character password (if you can adequately protect the data transmission by network protocol and disk permissions otherwise) simply by limiting the LOGIN attempts or Loginwait time. 
So simple.
The moral of my story is there is no sufficient amount of security to any system to prevent cracking. Most definately not without a proper security policy for your business, or for yourself personally. The common example of exploited people are those that are putting their passwords (which commonly are used for telephone, banking, email, and a whole sorry collection of things) on post-it notes on their monitor, or even on their hard disk drive, pretty worrying to be honest. Even sophisticated users warned repeatedly about it are known to have such lapses.
Why? Basically, users of any kind get tired of sacraficing usability in the path of security, and as a result, chose to sacrafice the security in aid to work faster; which works well, but can completely ruin the amount of effort spent if gambled badly (i.e. top secret system thats usable = owned). Interesting conclusion, please dont flame me for it.
October 12th, 2006 at 1:55 am
Hi there,
Just got to read your blog and found it pretty interesting.
Been going through a few articles and had to say this … it is “Sacrificing” and not sacraficing”
http://www.thefreedictionary.com/Sacrificing
In one other article ” Howto: Exposing Spam fullstop.”, you mention about “scurge” … the “scourge” of bad spelling marred your otherwise very insightful and information blog!
Thanks for you articles and I look forward to reading more of your stuffs!
October 12th, 2006 at 9:13 am
Hey
Thanks for your comments Snappy! I am making those changes right now; Some might say remarkably, I’m Dyslexic, so I do make some pretty bad errors some times
Thanks again,
Best Wishes,
Azio
October 13th, 2006 at 1:53 am
Hi Aizo,
+50 pts to your credo for taking in the comments so candidly and responding quickly!
Hope to read some cool stuffs from you soon!
Cheers!
October 13th, 2006 at 2:05 am
Heya Snappy!
Gee thanks dude
I can confirm scourge has been fixedto the correct spelling.. haven’t found all the errors yet, 
Thanks again for stopping by dude, any ideas I love to hear - its how you get better!!
Best Wishes,
Azio
December 17th, 2006 at 5:05 pm
hey azio,
i liked the way you write (paraphrase)=)
maybe you should include your citation at the end which is obviously wikipedia.
anyway, it is really more enjoyable and understandable
keep going..