RE: Password Audit tools

From: Paris E. Stone (pstone_at_alhurra.com)
Date: 12/15/04

  • Next message: Todd Towles: "RE: Class on Security Tools" 
    Date: Wed, 15 Dec 2004 12:16:27 -0500

    Google up "Rainbow Tables"

    Then stop using anything else.

    ~~~~~
    Paris E. Stone, "Linux Zealot"
    CISSP, CCNP, CNE, MCSE, CIW Master Administrator
    ~~~~~
    "Not all who wander are lost."
    J.R.R.T.

    -----Original Message-----
    From: Christian Martorella [mailto:laramies2k@yahoo.com.ar]
    Sent: Tuesday, December 14, 2004 12:04 PM
    To: Jeffrey M.Miller CISSP
    Cc: pen-test@securityfocus.com
    Subject: Re: Password Audit tools

    If you are looking for OpenSource alternatives you should check:

    Cain & Abel could be useful for your needs, (http://www.oxid.it/) , it
    has a complete suite of cracking tools.
    Lepton's Crack (http://www.nestonline.com/lcrack/) it's very good, and
    it support regular expressions.
    John The Ripper (http://www.openwall.com/john)

    And for remote password cracking you could use:
    Hydra http://www.thc.org/thc-hydra/

    Hope it helps

    Laramies

    Jeffrey M.Miller CISSP wrote:

    > I've used Internet Security Scanner from ISS and really like it's
    > ability to pull users from NT domains and test common passwords, such
    > as username=password, password=password, etc.
    >
    > I've considered purchasing the consultant version of l0phtcrack LC5.
    >
    > Has anyone used LC5 and can anyone compare it to ISS? Also are there
    > any OpenSource tools that can do these sorts of checks?
    >
    > Thanks
    >
    > J_
    >
    >

  • Next message: Todd Towles: "RE: Class on Security Tools"