ZDNet asks the $100,000 question: How do you predict the actions
of a criminal? The answer is to get into his or her head, work out
what makes them tick and learn the techniques they have at their
disposal. This includes noting some of the most common mistakes
individuals can make when securing their Linux system:
"We are each given a laptop running both Windows NT 4 and
Mandrake Linux (via VMWare's Workstation app). But we are not given
passwords -- instead, our instructors inform us that we are
expected to break in. Many students are nervous at first, but
within two or three minutes most students have guessed their way on
to their machines."
"This turns out to be an object lesson in the problem of weak
passwords. The NT and Linux account passwords are the two most
commonly used on laptops: 'password' and blank."