Your IP address is 54.91.159.232

Filters

Filtering MD5 and CRYPT password hashes in whois query output

 

Consequent to the community’s request in December 2012, the AFRINIC whois database will no longer display hashes of MD5 and CRYPT encrypted passwords in all mntner (whois database) objects starting 15.12.2012

Currently, majority of objects in the AFRINIC whois database are protected by and authenticate through a mechanism that uses clear text passwords encrypted with the md5 algorithm for authentication. There are two major concerns with this method:

 

 

  • The md5-hashed password has traditionally been visible in all mntner objects. This makes it vulnerable to crackers, given that computers these days are armed with more than enough processing power to unhash these passwords in a relatively short time.
  • When performing a whois database update, plain text passwords are attached into the objects to be updated and sent by email to the whois database. This introduces a possibility for the password to be sniffed in case there is no form of encryption between the sender, recipient and their relaying Mail Transfer Agents.

We have implemented a filter in the whois database such that whois queries do not display md5 and crypt hashes again. This mitigates the potential for anyone to run a script or program that will crack those passwords, as they are no longer visible.

 The new procedure for updating and deleting your mntner objects is published here

AFRINIC encourages and recommends the use of PGP for protecting your whois data. The procedure for using PGP with the AFRINIC whois database is available here.

 For more information, comments or assistance on this matter, please e-mail This e-mail address is being protected from spambots. You need JavaScript enabled to view it  or contact us on +230 403 5100