Yoggie for the win …

Yoggie Open Firewall Pico is a pretty cool invention. As a geek I was basically forced to get myself one of those miniature Linux firewalls. Now, no one will deny that Yoggie exists for security reasons and although the separation is not actually physical, it almost is (the redirection happens in kernel mode, apparently via an NDIS driver).

However, so far I’ve found two major drawbacks:

  1. No support for x64 Windows.
  2. Passwords are seriously truncated at 8 characters in the management console.

There is nothing anyone could do about the first one without a major reverse engineering effort, I’d presume, but the second is kind of laughable. It bit me at the point where I tried to log into the Yoggie using SSH. My password just wouldn’t work – until I tried the password truncated to 6, then 7, then 8 … and voila I got in.

Depending on the method used in password/shadow, the length doesn’t make sense beyond 14 characters in some cases, but 8 seems rather arbitrary and short.

// Oliver

This entry was posted in EN, IT Security, Software. Bookmark the permalink.