In an Internet environment, an overly simple password puts the server at significant risk. As administrators, we should identify the user accounts that have weak passwords so that the next security step can be taken.
We can install John the Ripper to test the strength of users' passwords. Let's look at how to install this weak password scanning tool and test it.
First, the steps before the experiment
Mount the Windows shared folder and install John the Ripper from the package in that shared folder.
The steps on the mounted end (the Windows host that provides the share) are as follows:
1. Right-click the shared folder that contains the John the Ripper weak password scanning installation package.
2. Select Properties, Sharing, Share (S); in the drop-down box select Everyone, click Add, then click Share (H) to complete the share.
3. The mounting side accesses the share as a guest, and the Guest account is disabled by default on the mounted side, so the Guest account on the mounted side needs to be enabled.
Right-click "My Computer", select Manage, select Local Users and Groups, select Users, right-click "Guest", select "Properties", clear the "Account is disabled" check box, and click "OK" to enable the Guest account.
4. Modify the local policy.
Enter secpol.msc in the search box to open the Local Security Policy.
Select Local Policies -- User Rights Assignment -- Deny access to this computer from the network -- remove the Guest user.
Select Security Options -- Sharing and security model for local accounts -- select Guest only.
The steps above are performed on the mounted (Windows) side; the steps below are performed on the Linux system that mounts the share.
Second, mount the share and install the weak password scanning tool
1. List the shared folders with the command smbclient -L //<server IP address>/
2. Create a mount point.
3. Mount the share with the command mount.cifs //192.168.100.88/LAMP /ABC
4. Enter the /ABC directory; you can see that the shared files have been mounted. The john-1.8 package there is the weak password detection tool to be installed.
5. Extract the John package into the /opt directory with the command tar zxvf john-1.8.0.tar.gz -C /opt/
6. Enter the /opt/john-1.8.0/src directory and install the software compilation environment.
7. Install the weak password scanning tool after the compilation environment has been installed.
8. Now enter the /opt/john-1.8.0/run directory; you will see a john executable program. This executable is used for weak password scanning.
Our weak password detection tool is now installed; the testing process follows.
Third, the experimental test
1. Create a user Kiwi with a password of 123321
2. Use cp /etc/shadow /root/password.txt to copy the users' password information to the /root/password.txt file, then run John's weak password detection on that file; the weak password and the corresponding user name are output.
With that, our weak password detection experiment has succeeded!
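Before running John on the copy, it helps to see which entries carry a usable hash, which are locked, and which have no password at all. The shell function below is an added example, not part of the original article; it triages a shadow-format file such as /root/password.txt, and the function names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage a shadow-format file (e.g. the /root/password.txt copy).
# Prints one "user<TAB>status" line per account, based on the second field.
triage_shadow() {
    awk -F: '
        NF < 2 || $1 == ""   { next }                         # skip blank or malformed lines
        $2 == ""             { print $1 "\tEMPTY_PASSWORD"; next }  # login without any password
        $2 ~ /^[!*]/         { print $1 "\tlocked_or_no_login"; next }
        $2 ~ /^\$1\$/        { print $1 "\thash:md5crypt(legacy)"; next }
        $2 ~ /^\$5\$/        { print $1 "\thash:sha256crypt"; next }
        $2 ~ /^\$6\$/        { print $1 "\thash:sha512crypt"; next }
        $2 ~ /^\$2[abxy]?\$/ { print $1 "\thash:bcrypt"; next }
        $2 ~ /^\$y\$/        { print $1 "\thash:yescrypt"; next }
        $2 !~ /^\$/ && length($2) == 13 { print $1 "\thash:descrypt(legacy)"; next }
                             { print $1 "\thash:unknown" }
    ' "$1"
}

# Constructed sample entries; the salts and hashes are placeholders, not real values.
sample_shadow() {
    cat <<'EOF'
root:$6$constructedsalt$constructedhashAAAA:19000:0:99999:7:::
kiwi:$6$constructedsalt$constructedhashBBBB:19000:0:99999:7:::
legacy:$1$constructed$constructedhashCCCC:19000:0:99999:7:::
bin:*:18000:0:99999:7:::
svc::19000:0:99999:7:::
olduser:!$6$constructedsalt$constructedhashDDDD:19000:0:99999:7:::
EOF
}

# Demo run: the copy holds password hashes, so create it readable by its owner only.
umask 077
tmp=$(mktemp) && sample_shadow > "$tmp"
triage_shadow "$tmp"
rm -f "$tmp"
```

To check the real copy, call triage_shadow /root/password.txt, and delete that file once the audit is finished.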