From: Max Ashton (maxashton@eml.cc)
Date: Wed Feb 08 2006 - 04:28:11 EST
Your average hacker isn't going to have qualms over using a cracked copy of,
f.ex, CoreSecurity's pentest suite, or a cracked copy of LC5. They're going
to use everything in the commercial, OSS, and Freeware and social arenas to
achieve their goal.
Sure, if they're doing a driveby wlan hack they might well use a livecd and an
old throwaway laptop, but you can't rule out the high tech, highly
experienced hackers.
You can't presume they have any morality. They don't care they're stealing
software. They want to steal / DOS / Destroy you.
Just my two pence.
Max Ashton
On Tuesday 07 February 2006 18:03, ROB DIXON wrote:
> Hey Tony,
>
> The "others" should be informed that the malicious attacker is most
> likely to NOT use "commercial" products.
>
> And that for a true benchmark, maybe use the products that a malicious
> attacker would use. Most of which will probably be open source or free at
> the least. That is assuming that they are not writing their own software.
> ;) I guess I'm asking, how do you justify "not" using free products?
>
> You can buy pre-computated rainbow tables, but there are different
> rainbowtables for different types of hashes. Example: ntlm, ntlmv2, sha1 ,
> md5, etc.
>
>
> cheers,
>
> New Guy
>
> Robert L. Dixon, CSO
> CHFI A+
> State of West Virginia's
> West VIriginia Office of Techonology
> Infrastructure Applications
> Netware/GroupWise Administrator
> Telephone: (304)-558-5472 ex.4225
> Email:rdixon@workforcewv.org
>
> >>> <stark192@hotmail.com> >>>
>
> Hello,
>
> Trying to crack our password list at work, it's a long story, but it has
> been put on a higher priority. I've been looking for some good pre-computed
> hash tables, like Rainbow tables, that will work with LC5. Does anyone have
> a source?
>
> I'd like to use RainbowCrack but others want to stick to commercial
> products.
>
> Thanks,
>
> Tony
>
> ---------------------------------------------------------------------------
>--- Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are futile against web application hacking. Check your website for
> vulnerabilities to SQL injection, Cross site scripting and other web
> attacks before hackers do! Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ---------------------------------------------------------------------------
>----
>
>
>
> ---------------------------------------------------------------------------
>--- Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are futile against web application hacking. Check your website for
> vulnerabilities to SQL injection, Cross site scripting and other web
> attacks before hackers do! Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ---------------------------------------------------------------------------
>----
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:28 EDT