Debian 6 ISPConfig 3 /etc/john

Discussion in 'Server Operation' started by happz, Apr 19, 2011.

  1. happz

    happz Member

    Hello all.

    I was browsing around the server this morning and found something I've not seen before. A folder located here: /etc/john

    I installed this server on, I believe 3.4.11 and the /etc/john folder shows a changed date of 3.24.11

    Inside of this folder /john is: john.conf, john-mail.conf, and john-mail.msg and they are all dated - (changed- 10.17.2009)

    It cleared talks about hacking your password and in the msg folder it has a standard message:

    [Subject: Bad password!


    Your password for account @LOGIN at host @HOSTNAME is too easy!
    Please change it as soon as possible.

    John the Ripper, an automated password cracker.]

    The john.conf has a script which I will post a small amount of it here:
    # This file is part of John the Ripper password cracker,
    # Copyright (c) 1996-2006,2008 by Solar Designer

    # Wordlist file name, to be used in batch mode
    Wordlist = /usr/share/john/password.lst
    # Use idle cycles only
    Idle = N
    # Crash recovery file saving delay in seconds
    Save = 600
    # Beep when a password is found (who needs this anyway?)
    Beep = N

    There is many more files but it almost looks like a hack to help warn of weakpasswords but honestly, I've not seen this before.

    Anyone care to comment?

    Last edited: Apr 19, 2011
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    John the ripper is a password checking software, it has its config file sin /etc/john. It is used to find passwords that are too simple and to warn the users. The file you posted above is the email template of that software. It is part of openwall project

    See here:

    Ths software john the ripper is not part of ispconfig or the perfect setup. But its a normal security tool and not a hacker tool in my opionion.
  3. happz

    happz Member

    Good news. Thanks Till!


Share This Page