Devrim GUNDUZ wrote:
> Hi,
>
> On Sal, 2002-12-31 at 19:38, Tom Lane wrote:
> >
> > This is not a cracker, this is just a brute-force "try all possible
> > passwords" search program (and a pretty simplistic one at that).
>
> Ah, you're right.
>
> > I'd say all this proves is the importance of choosing a good password.
> > Using only lowercase letters is a *bad* idea, especially if you're only
> > going to use five of 'em...
>
> I had no time to search throug the code; but as far as I understood, it
> *attacks* the database servers with TCP/IP on, right?
It sniffs the packets going over the wire, so it can only be internet
sockets, not unix domain sockets (both use tcp/ip).
They basically sniff the text we send, and try passwords until the
result matches the successful reply the client sent.
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073
