Re: Password Crackers

From: Neil (neil@voidfx.net)
Date: Wed Feb 15 2006 - 22:46:22 EST

• Next message: Mark Fosseth: "Spoof IP otption synthax misleading"
• Previous message: Harry: "Víagra To Jump Start Your Love Lífe"
• In reply to: xelerated: "Password Crackers"
• Next in thread: revnic@gmail.com: "Re: Password Crackers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

xelerated wrote:
> List,
> As some of you may know, @stake has been bought by
> symantec. And if that wasnt bad enough, they are no longer
> selling LC5 after the end of this month.
> And they have no plans on a replacement product.
>
> In my experience, LC5 was about the best thing for speedy
> assessment of the password policy. Sure LC5 will still have
> some use for awhile to come, but then what?
>
> I know there are lots of other options, LCP, john, rainbow tables,
> and more, but as far as I know, nothing is near as speedy
> as LC.
>
> What are your thoughts? Is there something out there as fast or close?
>
> I had enough trouble getting an old junk PC for doing nessus scans on, so i know
> a cluster is out of the question.
>
> Thanks!
> Chris

Actually, John just got a speed upgrade, not too long ago (as of 1.7, I
think). And while I've not done any real comparisons to LC5, John is
not slow by any means.

On the other hand, Rainbow Tables are faster than anything else out
there, since all the computer is doing is looking up the hash in a
database, and then the database spits out the corresponding password.
On the other hand, you need to have a database with your password in it
(if the password has symbols, and you are using alphanumeric tables,
obviously it won't work).

-- 
Neil.
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Mark Fosseth: "Spoof IP otption synthax misleading"
• Previous message: Harry: "Víagra To Jump Start Your Love Lífe"
• In reply to: xelerated: "Password Crackers"
• Next in thread: revnic@gmail.com: "Re: Password Crackers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:31 EDT