RE: Cisco LEAP

From: Rob Shein (shoten_at_starpower.net)
Date: 11/02/03

  • Next message: Steve Goldsby (ICS): "RE: Wireless Audit Cost" 
    To: "'No Man'" <noman4222@yahoo.com>, <pen-test@securityfocus.com>
Date: Sat, 1 Nov 2003 23:58:22 -0500

    Regarding questions 1 and 2:

    I'm not hugely familiar with the problem that LEAP has, but looking at this
    challenge from a logistical standpoint, I would say that you'd be far better
    off with a database containing the dictionary than a flat file, for
    performance reasons. I could imagine scenarios where you get to be several
    gig into creating the file, only to have latency on writing to the drive
    (for any number of reasons) cause the process to blow up. On the flip side,
    I could see latency in reads causing a similar problem during the
    brute-forcing process. Storing the data in a simple database structure on a
    separate machine from that which generates/utilizes the hashes would give
    you better reliability to avoid either problem and better recoverability
    should anything akin to it occur anyways.

    <snip>

    > Take for example a 6 character password made of
    > lowercase letters and numbers. 36^6 works out to about
    > 2.2 billion possibilities. Your dictionary or 2.2B rc4
    > hashes would take up roughly 40GB. I guess the plain
    > text that the hash was calculated from would be in
    > there too, so it would be a little larger, but suffice
    > it to say that it would fit on a fairly typical hard
    > drive.
    >
    > So, I'm wondering several things. Consider typical
    > newer Intel hardware.
    >
    > 1) what would it take time-wise to create the
    > dictionary?
    >
    > 2) how long would it take to cycle through 40 gigs of
    > hashes to find the matches?
    >
    > 3) how many matches on the last two bytes of the hash
    > are there likely to be?
    >
    >
    > Thanks in advance for any help in deciding how big of
    > an issue this really is!
    >
    > Michael
    >
    > __________________________________
    > Do you Yahoo!?
    > Exclusive Video Premiere - Britney Spears
    > http://launch.yahoo.com/promos/britneyspears/
    >
    >
    > --------------------------------------------------------------
    > -------------
    > Network with over 10,000 of the brightest minds in
    > information security at the largest, most highly-anticipated
    > industry event of the year. Don't miss RSA Conference 2004!
    > Choose from over 200 class sessions and see demos from more
    > than 250 industry vendors. If your job touches security, you
    > need to be here. Learn more or register at
    > http://www.securityfocus.com/sponsor/RSA_pen-> test_031023
    > and
    > use priority code SF4.
    >
    > --------------------------------------------------------------
    > --------------
    >
    >
    >

    ---------------------------------------------------------------------------
    Network with over 10,000 of the brightest minds in information security
    at the largest, most highly-anticipated industry event of the year.
    Don't miss RSA Conference 2004! Choose from over 200 class sessions and
    see demos from more than 250 industry vendors. If your job touches
    security, you need to be here. Learn more or register at
    http://www.securityfocus.com/sponsor/RSA_pen-test_031023
    and use priority code SF4.
    ----------------------------------------------------------------------------

  • Next message: Steve Goldsby (ICS): "RE: Wireless Audit Cost"
    • Quantcast