Hi,
I'd like to announce two news items on John the Ripper
password cracker,
as well as to remind of and provide advice on tonight's Y2K7
problem as
it relates to Openwall GNU/*/Linux (Owl). If you've only
installed
Owl 2.0+, please don't be alarmed - Owl 2.0 is not affected,
but systems
running or upgraded from older versions of Owl might be.
1. John the Ripper Pro is now available for Mac OS X on both
PowerPC and
Intel Macs, making use of AltiVec and SSE2 acceleration,
respectively:
http://www.o
penwall.com/john/pro/macosx/
On Mac OS X, the features currently specific to Pro versions
are:
- Pre-built and well-tested native package (dmg) which may
be installed
the usual way - no need to compile.
- Universal binary that will run on both PowerPC and Intel
Macs, making
use of AltiVec and SSE2 acceleration, respectively. (A
non-AltiVec
version is also included for users of older PowerPC-based
Macs.)
- A large multilingual wordlist optimized specifically for
use with
John the Ripper (4,106,923 entries, 43 MB uncompressed) is
included in
the package, and John the Ripper is pre-configured for its
use.
- The included documentation is revised to be specific for
the given
package on Mac OS X rather than generic, making it easier to
understand.
I'd like to thank Erik Winkler for his help in making this
release
possible.
2. The NTLM (MD4-based) and Windows credentials cache hashes
support
patches for John the Ripper linked from the contributed
resources list
on the John the Ripper homepage have been replaced with much
faster (yet
portable) implementations contributed by Alain Espinosa:
http://www.openwall.com
/john/
Please note that these patches are still under active
development and
thus they have not yet received as much testing as the old
patches for
these hash types did. If you prefer, you may find the old
patches in
the contrib/ and contrib/historical/ FTP directories.
Any comments or questions on John the Ripper and the
contributed patches
should be addressed to the john-users mailing list. The
subscription
instructions are available right on the John the Ripper
homepage above.
3. According to the Wikipedia article, "starting in
2007, Daylight
Saving Time in many jurisdictions of the United States and
Canada will
begin earlier and run later than in previous years; it will
start on the
second Sunday in March and end on the first Sunday in
November."
http://en.wikipedia
.org/wiki/Y2K7
What this means is that older versions of computer software,
and
specifically operating systems, might not switch to DST
tonight as they
should. Openwall GNU/*/Linux (Owl) 2.0 release, as well as
2.0-stable
and post-2.0 -current, are not affected as they already
include a
version of glibc with a timezone file that includes this
update.
However, older (unsupported) versions of Owl are affected.
Perhaps more
importantly, systems that have been upgraded to Owl 2.0 or
newer from a
pre-2.0 version of Owl might be affected if the
/etc/localtime file has
been left from a previous version of Owl. To correct this,
you need to
run the "setup" program (it's installed on the
system - just type
"setup" to invoke it) and choose your timezone
again. This will
overwrite /etc/localtime with the corresponding file from
under
/usr/share/zoneinfo/. Alternatively, you may copy the file
manually.
After having replaced /etc/localtime, you need to either
reboot the
system or restart its services (start with "service
syslog restart",
then proceed with the rest of the services that might have
the old
timezone info cached).
If you have any comments or questions on this issue, please
post them to
the owl-users mailing list. The subscription instructions
are available
right on the Owl homepage:
http://www.openwall.com/
Owl/
Thanks,
--
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55
A2FC 027C 5B34 1F15
http://www.openwall.com -
bringing security into open computing environments
|