📄 ch8.htm
字号:
$even = ($short =~ s/\d+$//) ? " (even with a number)" : "";
$short =~ s/s$//;
$short =~ s/ed$// && ($shorte = "${short}e";
$short =~ s/er$// && ($shorte = "${short}e");
$short =~ s/ly$//;
$short =~ s/ing$// && ($shorte = "${short}e");
($cshort = $short) =~ y/A-Z/a-z/;
@tmp = @dicts; # check through dictionary
# files for bad password
while ($dict = shift(@tmp)) {
local(*DICT) = $dict;
&look($dict,$short,1,1);
while (<DICT>) {
($cline = $_) =~ y/A-Z/a-z/;
last if substr($cline,Ø,length($short)) ne $cshort;
chop;
($_,$response) = split(/\t+/);
if ($pass eq $_ ||
($pass eq substr($_,Ø,8)) ||
($pass =~ /^$_$/i && $mono) ||
$shorte eq $_ ||
($shorte =~ /^_$/i && $mono) ||
$short eq $_ ||
($short =~ /^_$/i && $mono)) {
if ($response) {
print $response,
" Please try again.\n.";
}
elsif (/^[A-Z]/) {
if (/a$|ie$|yn$|een$|is$/) {
print <<"EOM";
Improper use of word for a password.
EOM
}
else {
print <<"EOM";
The word you have choosen is $alsovery popular. Try again.
EOM
$also = ' also';
}
}
else {
print <<"EOM";
This word is found in the dictionary$even.
EOM
}
return Ø;
}
}
}
}
if ($pass =~ /^ .[a-zA-Z]/) { # this section screens
# passwords for use of two word combinations
%others = ();
($cpass = $pass) =~ y/A-Z/a-z/;
($oneup) = $pass =~ /.[a-z]*([A-Z][a-z]*)$/;
$cpass =~ s/ //g;
if ($pass !~ /.+[A-Z].*[A-Z]/) {
$others{substr($cpass,1,999)}++
if $pass =~ /^..[a-z]+$/;
@tmp = @dicts;
while ($dict = shift(@tmp)) {
local(*DICT) = $dict;
$two = substr($cpass,Ø,2);
&look($dict,$two,1,1);
$two++;
word: while (<DICT>) {
chop;
s/\t.*//;
y/A-Z/a-z/;
last if $_ ge $two;
if (index($cpass,$_) == Ø) {
$key = substr($cpass,length($_),999);
next word if $key =~/\W/;
$others{$keys}++ unless $oneup && length($oneup) != length($key);
}
}
}
@tmp = @dicts;
while ($dict = shift(@tmp)) {
local(*DICT) = $dict;
foreach $key (keys(%others)) {
&look($dict,$key,1,1);
$_ = <DICT>;
chop;
s/\t.*//;
if ($_ eq $key || length($pass) == 8 && /^$key/) {
$pre = substr($cpass,Ø,length($cpass) - length($key));
print <<"EOM";
Your choice of password uses a two word combination, like "$pre" and "$_". Avoid this.
EOM
return Ø;
}
elsif (length($key) == 1 && $pass =~ /^.[a-z]+.$/) {
chop($pre = $cpass);
$key = sprintf("^%c", ord($key)^64)
unless $key =~ /[ -~]/;
print <<"EOM";
Using the word "$pre" with one character, "$key" is a bad password.
EOM
return Ø;
}
}
}
}
}
if ($pass =~ /(obscene|words|go|here)/i { # this
# section is for listing obscene words so they
# cannot be used as passwords. Please fill in your
# list of these when the boss is not looking
print qq#A common substring such as "$1" makes your#
print " password an easy target.\n";
return Ø;
}
if ($pass =~ m!^[-\d/]*$!) { # this section
# tests the password against easily guessed
# numbers and names
if ($pass =~ m!^[-\d/]*$!) {
if ($pass =~ m!^\d{3}-\d{2}-\d{4}$! || $pass =~ m!^\d\d\d\d\d\d\d\d\d$!) {
print <<"EOM";
Never use a social security number!
EOM
return Ø;
}
if ($pass =~ m!^\d*/\d*/\d*$! || $pass =~ m!^\d*-\d*-\d*$! || $pass =~ m!$nyear$!) {
print "Do not use dates for your password.\n";
return Ø;
}
if ($pass =~ m!^\d\d\d-?\d\d\d\d$!) {
print "Do not use a phone number for a password.\n";
return Ø;
}
}
if ($mo = ($pas =~ /^[ \d]*([a-zA-Z]{3,5})[ \d]*$/) &&
($mo =~ /^(jan|feb|mar(ch)?|apr(il)?|may|june?)$/i
|| $mo =~ /^(july?|aug|sept?|oct|nov|dec)$/i) ) {
print "Do not use a date for your password.\n";
return Ø;
}
if ($pass =~ /$user/i) {
print "Do not use your login id.\n";
return Ø;
}
if ($pass =~ /$mynames/i) {
print "Do not use part of your own name.\n";
return Ø;
}
if ($pass =~ /$host/i) {
print "Do not use your host computer name./n";
return Ø;
}
if ($pass =~ /^\d?[a-zA-Z][a-zA-Z] [a-zA-Z]\d\d\d$/ ||
$pass =~ /^\d\d\d[a-zA-Z] [a-zA-Z] [a-zA-Z]$/) {
print "Do not use the license plate number of a vehicle.\n";
return Ø;
}
@ary = unpack('C',$pass);
$fine = Ø;
for ($i = Ø; $I < $#ary; ++$i) {
$diff = $ary[$i+1] - $ary[$i];
$fine = 1 if $diff > 1 || $diff < -1;
}
if (!$fine) {
print "Don not use ASCII sequences.\n";
return Ø;
}
($check = $pass) =~ y/A-Z/a-z/;
$check =~ y/qwertyuiop[]asdfghjkl;'zxcvbnm,.\//a-la-ka-j/;
$check =~ y/!@#$%^&*()_+|~/abcdefghijklmn/;
$check =~ y/-123456789Ø=\\'/kabcdefghijklmn/;
@ary = unpack('C*',$check);
$fine = Ø;
for $i = Ø;$i < $#ary; ++$I) {
$diff = $ary[$i+1] - $ary[$1];
$fine = 1 if $diff > 1 || $diff < -1;
}
if (!$fine) {
print "Do not use consecutive keys on the keyboard for your password./n";
return Ø:
}
if ( $pass =~ /^(..)\1\1/ || $pass =~ /^(...)\1/ || $pass =~ /^(....)\1/ ) {
print <<"EOM";
Do not use any repeated sequences of "$1".
EOM
return Ø;
}
if ( $pass =~ /^(.)(.)(.)\3\2\1/ || $pass =~ /^(.)(.)(.)(.)\4\3\2\1/ ) {
print <<"EOM";
Do not use palindromic sequences like "$1$2$3$4".
EOM
return Ø;
}
if ($islogin{$pass}) {
print "Do not use another user's login id./n";
return Ø;
}
$reverse = reverse $user;
if ($pass =~ /$reverse/i) {
print <<"EOM";
Do not use your login id in reverse.
EOM
return Ø;
}
foreach $old (keys(%opass)) {
if (crypt($pass,$old) eq $old) {
$when = $opass{$old};
$diff = $now - $when;
($osec,$omin,$ohour,$omday,$omon,$oyear) = localtime($when);
if ($oyear != $nyear) {
$oyear += 19ØØ;
print "You have already used this password in $oyear.";
}
elsif ($omon != $nmon) {
$omon = (January, February, March, April, May,
June, July, August, September, October, November, December)[$omon];
print "You have already used this password in $omon.";
}
elsif ($omday != $nmday) {
$omday .= (Ø,'st','nd','rd')[$omday%1Ø]||'th';
print "You have already used this password on $omday.";
}
else {
print "You have already used this password today.";
}
print " Please choose another password.\n";
return Ø;
}
}
1;
}
sub CLEANUP {
system 'stty','echo';
print "\n\nOperation aborted.\n";
exit 1;
}
sub myexit {
system 'stty','echo';
exit shift(@_);
}
</PRE>
</BLOCKQUOTE>
<P>
This program is very involved, but this is the kind of detail
that has to be observed for proper server security. You can decide
which elements of the script apply to your server's situation
and adapt them to your own password scripts for Windows NT.
<H2><A NAME="OtherSystemAdministrationConcerns"><FONT SIZE=5 COLOR=#FF0000>
Other System Administration Concerns</FONT></A></H2>
<P>
This chapter gives you only a taste of what Perl can do for a
system administrator's workload. A more complete discussion of
all the elements of Perl involved in system management is outside
the scope of this book, and warrants a book of its own. To learn
more about Perl and administering the NT server you can try this
mailing list
<BLOCKQUOTE>
<PRE>
webserver-nt@DELTA.PROCESS.COM
</PRE>
</BLOCKQUOTE>
<P>
which is subscribed to by sending the message
<BLOCKQUOTE>
<PRE>
subscribe webserver-nt
</PRE>
</BLOCKQUOTE>
<P>
in the message body. This list deals with the many issues facing
administrators of NT Web servers-from hardware and security to
software and configuration.
<P>
The list is a good source of information regarding Perl and NT
Web server concerns.
<HR>
<CENTER><P><A HREF="ch7.htm" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/ch7.htm"><IMG SRC="PC.GIF" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/PC.GIF" BORDER=0 HEIGHT=88 WIDTH=140></A>
<A HREF="#CONTENTS"><IMG SRC="CC.GIF" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/CC.GIF" BORDER=0 HEIGHT=88 WIDTH=140></A>
<A HREF="contents.htm" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/contents.htm"><IMG SRC="HB.GIF" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/HB.GIF" BORDER=0 HEIGHT=88 WIDTH=140></A>
<A HREF="ch9.htm" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/ch9.htm"><IMG SRC="NC.GIF" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/NC.GIF" BORDER=0 HEIGHT=88 WIDTH=140></A>
<HR WIDTH="100%"></P></CENTER>
</BODY>
</HTML>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -