Re: Password Audit tools

From: H Carvey (keydet89@yahoo.com)
Date: Tue Dec 14 2004 - 14:22:59 EST

Next message: Dan Connelly: "Re: Password Audit tools"
Previous message: Curt Purdy: "RE: [in] RE: Laptop Considerations"
Maybe in reply to: Jeffrey M.Miller CISSP: "Password Audit tools"
Next in thread: Dan Connelly: "Re: Password Audit tools"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) In-Reply-To: <F20512AC-4D6C-11D9-BE00-000A95C0A77A@acumeninfosec.com>

>I've used Internet Security Scanner from ISS and really like it's
>ability to pull users from NT domains and test common passwords, such
>as username=password, password=password, etc.
>
>I've considered purchasing the consultant version of l0phtcrack LC5.
>
>Has anyone used LC5 and can anyone compare it to ISS?

I'm not sure that you can compare the two, really. Look at what L0phtcrack does...it's much, much more than simply trying to guess a couple of common passwords.

>Also are there
>any OpenSource tools that can do these sorts of checks?

Checks? Hhhmm...not sure. Password cracking...sure. John the Ripper, or ophcrack (http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/index.php). Ophcrack is something you should probably look at...

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com

Next message: Dan Connelly: "Re: Password Audit tools"
Previous message: Curt Purdy: "RE: [in] RE: Laptop Considerations"
Maybe in reply to: Jeffrey M.Miller CISSP: "Password Audit tools"
Next in thread: Dan Connelly: "Re: Password Audit tools"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:10 EDT