Log in

No account? Create an account
Linux Community's Journal
[Most Recent Entries] [Calendar View] [Friends View]

Thursday, July 22nd, 2004

Time Event
The bottom line
"Do you trust both the talent and moral integrity of the company you are getting your closed source software from so much that you think the products they are supplying you are superior (from a security standpoint) to those that can be created via peer review and attack by tens of thousands?"

Just downloaded this totally sleazy tutorial on how to crack htpasswd via a common cgi script that interfaces with said password file. Know that htpasswd's encryption is weak, but, wondering if there was an Apache mod to use blowfish encryption with htpasswd? Then, it'd render all the directory traversal that is done via the cgi scripts with htpasswd less fruitful.

<< Previous Day 2004/07/22
Next Day >>
About LiveJournal.com