Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 10 Mar 2007 23:13:38 +0300
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Subject: [openwall-announce] JtR Pro for Mac OS X; new JtR NTLM patch; Owl and Y2K7

Hi,

I'd like to announce two news items on John the Ripper password cracker,
as well as to remind of and provide advice on tonight's Y2K7 problem as
it relates to Openwall GNU/*/Linux (Owl).  If you've only installed
Owl 2.0+, please don't be alarmed - Owl 2.0 is not affected, but systems
running or upgraded from older versions of Owl might be.

1. John the Ripper Pro is now available for Mac OS X on both PowerPC and
Intel Macs, making use of AltiVec and SSE2 acceleration, respectively:

	http://www.openwall.com/john/pro/macosx/

On Mac OS X, the features currently specific to Pro versions are:

- Pre-built and well-tested native package (dmg) which may be installed
the usual way - no need to compile.

- Universal binary that will run on both PowerPC and Intel Macs, making
use of AltiVec and SSE2 acceleration, respectively.  (A non-AltiVec
version is also included for users of older PowerPC-based Macs.)

- A large multilingual wordlist optimized specifically for use with
John the Ripper (4,106,923 entries, 43 MB uncompressed) is included in
the package, and John the Ripper is pre-configured for its use.

- The included documentation is revised to be specific for the given
package on Mac OS X rather than generic, making it easier to understand.

I'd like to thank Erik Winkler for his help in making this release
possible.

2. The NTLM (MD4-based) and Windows credentials cache hashes support
patches for John the Ripper linked from the contributed resources list
on the John the Ripper homepage have been replaced with much faster (yet
portable) implementations contributed by Alain Espinosa:

	http://www.openwall.com/john/

Please note that these patches are still under active development and
thus they have not yet received as much testing as the old patches for
these hash types did.  If you prefer, you may find the old patches in
the contrib/ and contrib/historical/ FTP directories.

Any comments or questions on John the Ripper and the contributed patches
should be addressed to the john-users mailing list.  The subscription
instructions are available right on the John the Ripper homepage above.

3. According to the Wikipedia article, "starting in 2007, Daylight
Saving Time in many jurisdictions of the United States and Canada will
begin earlier and run later than in previous years; it will start on the
second Sunday in March and end on the first Sunday in November."

	http://en.wikipedia.org/wiki/Y2K7

What this means is that older versions of computer software, and
specifically operating systems, might not switch to DST tonight as they
should.  Openwall GNU/*/Linux (Owl) 2.0 release, as well as 2.0-stable
and post-2.0 -current, are not affected as they already include a
version of glibc with a timezone file that includes this update.
However, older (unsupported) versions of Owl are affected.  Perhaps more
importantly, systems that have been upgraded to Owl 2.0 or newer from a
pre-2.0 version of Owl might be affected if the /etc/localtime file has
been left from a previous version of Owl.  To correct this, you need to
run the "setup" program (it's installed on the system - just type
"setup" to invoke it) and choose your timezone again.  This will
overwrite /etc/localtime with the corresponding file from under
/usr/share/zoneinfo/.  Alternatively, you may copy the file manually.
After having replaced /etc/localtime, you need to either reboot the
system or restart its services (start with "service syslog restart",
then proceed with the rest of the services that might have the old
timezone info cached).

If you have any comments or questions on this issue, please post them to
the owl-users mailing list.  The subscription instructions are available
right on the Owl homepage:

	http://www.openwall.com/Owl/

Thanks,

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ