Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Sep 2011 02:41:34 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: External filter question

On Tue, Sep 13, 2011 at 12:11:50AM +0200, Pablo Fernandez wrote:
> I did some tests, and even 512 was not enough (plain john -i with MD5 hashes).

The I/O buffering for john.pot is not in any direct way based on the
number of candidate passwords tested.  I'm sorry if I did not make this
clear enough.

My answer was for crypto-related buffering only, which I thought was
what you asked about in that place of your posting.

> What indeed turned out to be useful was to put:
> Save = 1
> in john.conf. But this practically duplicated running time (trying 9 salts, 
> block size: 50000).
> 
> Does this make sense? In the documentation it seems to be only for recovering 
> sessions.

It does make sense, but even with files updated every second you're not
guaranteed that you only need one more second of run time for nothing
important to be lost.  The crypto-related buffering may increase the
required extra run time beyond 1 second.

> I guess that, when you said I need to make ext_globals an array, you meant "an 
> array of structs", right?

Yes.  If you like to discuss this sub-topic further, please start a new
thread on the john-dev list, e.g. "variable exports to external mode".

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.