RE: Password Audit tools

• Previous message: Maximiliano Bertacchini: "Re: Password Audit tools"
• Maybe in reply to: Jeffrey M.Miller CISSP: "Password Audit tools"
• Next in thread: Jarmon, Don R: "RE: Password Audit tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 14 Dec 2004 10:47:53 -0600
To: "H Carvey" <keydet89@yahoo.com>, <pen-test@securityfocus.com>

LC5 has pre-hased passwords, I hear. It searches the pre-hashed
table...therefore cracking common or simple password that much faster. I
havent' seen it work tho...I have only seen and used LC4.

> -----Original Message-----
> From: H Carvey [mailto:keydet89@yahoo.com]
> Sent: Tuesday, December 14, 2004 1:23 PM
> To: pen-test@securityfocus.com
> Subject: Re: Password Audit tools
>
> In-Reply-To: <F20512AC-4D6C-11D9-BE00-000A95C0A77A@acumeninfosec.com>
>
> >I've used Internet Security Scanner from ISS and really like it's
>
> >ability to pull users from NT domains and test common passwords, such
>
> >as username=password, password=password, etc.
>
> >
>
> >I've considered purchasing the consultant version of l0phtcrack LC5.
>
> >
>
> >Has anyone used LC5 and can anyone compare it to ISS?
>
>
>
> I'm not sure that you can compare the two, really. Look at
> what L0phtcrack does...it's much, much more than simply
> trying to guess a couple of common passwords.
>
>
>
> >Also are there
>
> >any OpenSource tools that can do these sorts of checks?
>
>
>
> Checks? Hhhmm...not sure. Password cracking...sure. John
> the Ripper, or ophcrack
> (http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/index.php
> ). Ophcrack is something you should probably look at...
>
>
>
> H. Carvey
>
> "Windows Forensics and Incident Recovery"
>
> http://www.windows-ir.com
>

• Previous message: Maximiliano Bertacchini: "Re: Password Audit tools"
• Maybe in reply to: Jeffrey M.Miller CISSP: "Password Audit tools"
• Next in thread: Jarmon, Don R: "RE: Password Audit tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Two dbs using one linked table ... Either I could modify the existing db ... A solution to this is to remove the common table from the ... different sets of reports and forms in each. ... File-level passwords are probably not even worth the mental effort it ... (microsoft.public.access.tablesdbdesign) Re: Requesting security tips on network setup ... >FTP has the horrendous security flaw of allowing clear text passwords to be ... reading this group before posting (which is common netiquette) should have ... you can use ssl to protect passwords and data, but you have to be sure ... (comp.os.linux.security) Re: Hacker activity? ... >>If it all from a common subnet, ... use good passwords if you use passwords at all. ... Steve Suhre ... (freebsd-questions) Re: Access to network from different user accounts ... Have you created *all* accounts & passwords ... identically on *all* computers? ... That's the most common cause of this ... chris wrote: ... (microsoft.public.windowsxp.network_web) Re: Hashed PWs more secure than encrypted PWs? ... > on encryption technology. ... it works by encrypting a common plain text with the password used as ... I had always thought it was the passwords themselves that were ... (comp.security.unix)