Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 3 Aug 2010 05:06:17 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Subject: [openwall-announce] new Owl ISOs; JtR news; books; another phpass article

Hi,

As usual, this is a cumulative announcement for several things at once.
I'll start with the newest and most important (for us at least):

1. New ISO images and pre-created OpenVZ container templates of
Owl-current for i686 and x86-64 are available on our FTP mirrors.  The
ISOs are also available via direct download links on the Owl homepage:

http://www.openwall.com/Owl/

We have once again updated Owl to use OpenVZ's latest kernel from their
"rhel5" branch, and we've switched to using RPM-packaged kernels, but in
a way allowing for easy non-packaged builds as well.  At the same time,
we've introduced support for the ext4 filesystem (in fact, it is now
offered by default for new installs), and we've improved CD bootup and
the installer ("settle") in numerous ways.  The packages of passwdqc,
strace, lftp, tcb, JtR, and Postfix have been updated to new versions,
and changes have been made to several other packages.  Please refer to
the more detailed announcement on owl-users:

http://www.openwall.com/lists/owl-users/2010/08/03/1

and to the change log:

http://www.openwall.com/Owl/CHANGES-current.shtml

This new snapshot will also be available for purchase on CD (both i686
and x86-64) in a couple of days from now:

http://www.openwall.com/Owl/order

2. Speaking of John the Ripper, examples of how to crack SMTP's AUTH
CRAM-MD5 and LM and NTLM challenge/response exchanges have been posted
to the john-users mailing list:

http://www.openwall.com/lists/john-users/2010/07/27/1 - SMTP AUTH CRAM-MD5
http://www.openwall.com/lists/john-users/2010/07/09/1 - LM and NTLM C/R

The jumbo patch is now up to revision 1.7.6-jumbo-6 (adding some
bugfixes), and it will be updated even further soon:

http://www.openwall.com/john/#contrib

Petur Ingi Egilsson wrote a step-by-step guide entitled "John the Ripper
on a Ubuntu 10.04 MPI Cluster":

http://www.openwall.com/lists/john-users/2010/07/10/1

3. We've setup a web page with recommended computer security books (and more):

http://www.openwall.com/books/

4. A short and very easy to follow article on introducing phpass
password hashing into an existing PHP application has been published on
the UE Developer website:

http://dev.myunv.com/articles/secure-passwords-with-phpass/

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.