Free Republic
Browse · Search
General/Chat
Topics · Post Article

To: ShadowAce
Also that just proves Rainbow Crack isn't 100% against Windows passwords (or even 90% with the right password policy).

Don't get me wrong, salting is a good thing, but it's not foolproof against brute force. It's more of a way to help protect dumb admins that allow weak/short passwords.

Oh ya, as far as Rainbow goes...my brief reading of it says you can tailor the hash table to what you need. So if you know the Linux password is 8 and the salt is 4...you'd start with 12 character passwords to hash. So Linux is just as vulnerable.

416 posted on 08/30/2005 7:59:11 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)


To: for-q-clinton
So if you know the Linux password is 8 and the salt is 4...you'd start with 12 character passwords to hash.

That is incorrect as well.

A 12-char password would produce a different hash than a 4 char salt+8 char password. You'd also have to know the 4 char salt, and that is a random string produced by the system for each user--so even if you know a user name, you wouldn't know the salt. Without the salt, you cannot run the hash through Rainbow, as it assumes the entire hash is a password.

Rainbow would just produce a password based on a 12 char policy and it wouldn't work.

419 posted on 08/30/2005 8:04:44 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
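
An added example, not part of either post: a toy lookup table over a constructed wordlist, showing that a table precomputed for unsalted hashes finds nothing in a salted record, and that a table built for one salt does not carry over to another user's salt. SHA-256 over salt+password, the wordlist, the record layout and the sample salts are assumptions for illustration, not the Windows or Linux password schemes.

```python
import hashlib
import os

# Constructed wordlist standing in for the keyspace a precomputed table covers.
CANDIDATES = ["password", "letmein1", "qwerty12", "dragon99"]


def digest(salt: bytes, password: str) -> str:
    # Stand-in hash (assumption): SHA-256 over salt || password.
    return hashlib.sha256(salt + password.encode()).hexdigest()


def build_table(candidates, salt: bytes = b"") -> dict:
    """Precompute hash -> password for exactly one salt (empty = unsalted)."""
    return {digest(salt, pw): pw for pw in candidates}


def store(password: str, salt: bytes = None, salted: bool = True) -> dict:
    """Create a stored credential record; the salt is kept beside the hash."""
    if not salted:
        salt = b""
    elif salt is None:
        salt = os.urandom(4)  # fresh random 4-byte salt per user
    return {"salt": salt, "hash": digest(salt, password)}


def lookup(table: dict, record: dict):
    """Return the recovered password, or None if the hash is not in the table."""
    return table.get(record["hash"])


def demo() -> dict:
    unsalted_table = build_table(CANDIDATES)
    alice = store("letmein1", salted=False)   # no salt
    bob = store("letmein1", salt=b"Ab3x")     # constructed sample salt
    carol = store("letmein1", salt=b"Zq7k")   # same password, different salt
    bob_table = build_table(CANDIDATES, bob["salt"])
    return {
        "unsalted_hit": lookup(unsalted_table, alice),
        "salted_hit": lookup(unsalted_table, bob),
        "same_password_same_hash": bob["hash"] == carol["hash"],
        "per_salt_table_hit": lookup(bob_table, bob),
        "per_salt_table_reused": lookup(bob_table, carol),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
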


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson