Posts by Stephen White 7 publicly visible posts • joined 12 Jun 2007
Obviously many attackers are using a well known password.lst file as the basis of their attacks.
This file starts:
#!comment: This list has been compiled by Solar Designer of Openwall Project,
#!comment: http://www.openwall.com/wordlists/
#!comment:
#!comment: This is a list of passwords most commonly seen on a set of Unix
#!comment: systems in mid-1990's, sorted for decreasing number of occurrences
#!comment: (that is, more common passwords are listed first).
#!comment:
#!comment: Last update: 2005/12/16 (3107 entries)
or similar, then has a list of passwords.
So I think that there may be a certain amount of "parsing fail" on the part of the attackers, they're treating the comment lines at the top of the file as entries and using them as the basis for break-in attempts in addition to the proper entries in the file.
An aquantance bought a cheap desktop (can't remember the brand) from PC World. It had 1GB of RAM and Vista installed. It was configured to allocate 256MB of this precious RAM to the graphics chipset, leaving just 0.75GB for Vista (complete with Norton and other bundleware). A totally inappropriate setting for a system with only 1GB of RAM in the first place! Ok, if you're a gamer you might want 256MB (or more) of RAM on your graphics card, but a gamer is hardly likely to be using the graphics chipset built onto a cheapo mobo are they?
Come on OEMs, you can do better.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
