Unix Administrator.org

ESTABLISHED 1995

 

July 12, 2012

Random Password Generator

The fatal flaw of any random password generator is the dubious person who uses it. Yes, you may be that dubious person. I use sites that generate passwords. These sites, however, don't use SSL, and therefore the passwords are not secure. This means that all 50 of your favorite new passwords have been broadcast to the world.

So how do you fix this little mistake? First off, you generated 50 of them. Copying unequal sections of the fifty into a new string helps to fix the basic problem, but it's not a full solution.

Next, consider a simple solution: take half the text string and run it through rev, using the echo command on Unix: "echo 'string of bits' | rev". Now a good chunk of those bits don't match anything in the original strings.

Next, it's important to SALT your particular password. That is essentially adding your own random bits to the password. If you SALT your password with one or three characters of your own and ALT characters, you've fixed a good portion of the problem.
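
The exposure described above comes from fetching passwords over a connection without SSL; one way to avoid it is to generate them on the local machine. The script below is an added example, not part of the original post; the names genpw, MIN_LEN and CHARSET, the minimum length and the character set are assumptions.

```shell
#!/bin/sh
# Added example: build passwords locally from the kernel CSPRNG so they never
# cross the network. genpw, MIN_LEN and CHARSET are hypothetical names.
MIN_LEN=12                            # assumed policy floor
CHARSET='A-Za-z0-9!#%+,./:=@_-'       # assumed set; trailing "-" is literal

# genpw [LENGTH]: print one password of LENGTH characters (default 20).
# The body is a subshell so the locale change and "exit" stay local to it.
genpw() (
    LC_ALL=C; export LC_ALL           # byte-wise ranges in tr and case
    len=${1:-20}
    case $len in
        ''|0*|*[!0-9]*) echo "genpw: length must be a positive integer" >&2; exit 2 ;;
    esac
    if [ "$len" -lt "$MIN_LEN" ]; then
        echo "genpw: length must be at least $MIN_LEN" >&2; exit 2
    fi
    while :; do
        # Read a bounded number of random bytes and drop every byte outside
        # CHARSET. Filtering (not modulo) keeps each character equally likely.
        pw=$(head -c "$((len * 16))" /dev/urandom | tr -dc "$CHARSET" | cut -c "1-$len")
        [ "${#pw}" -eq "$len" ] || continue     # too few bytes survived: retry
        # Redraw unless lower, upper, digit and symbol are all present.
        case $pw in *[a-z]*) ;; *) continue ;; esac
        case $pw in *[A-Z]*) ;; *) continue ;; esac
        case $pw in *[0-9]*) ;; *) continue ;; esac
        case $pw in *[!A-Za-z0-9]*) ;; *) continue ;; esac
        printf '%s\n' "$pw"
        exit 0
    done
)
```

Calling genpw 24 prints a 24-character password; a length below MIN_LEN or a non-numeric argument is refused with exit status 2.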



Eating Crow

I have on occasion gone stomping off through the wild woods of the internet looking for the fault in one of my systems. On occasion I have had to eat crow. Today was one of those days.

I was looking to do a little updating to get a site in order, but for some reason I couldn't resolve the mail and ftp site addresses. I was "digging" for the information from our DNS server locally but nothing returned. I'd do a dig -t and still it wouldn't resolve. I couldn't figure out the cause.

I called hosting to let them know you "have a problem." I kept trying to iterate what was wrong and that it wasn't working. They kept indicating that everything was alright. But I just wasn't getting it. I had the thought to go look at the zones on the DNS server, and check the firewall logs. Lo and behold, another admin had put a forward zone lookup for the whole domain in. The way the hosting company DNS was set up, the forward would never work. Only one of the records was right, and only on one of the two DNS servers. That was definitely not expected.

Let there be Crow! And there was, and it wasn't good. I had to backpedal and felt terrible.