RE: FYI: FW: Cisco Secret 5 and John Password Cracker
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sat, 5 Nov 2005 15:15:22 -0800
Oh, yes please tell Tony.
I can't wait for the 400-word dissertations per posting...
..and in the beginning was CP/M...
After a time, there was ZCPR and all was better...
-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
[mailto:sbradcpa@xxxxxxxxxxx]
Sent: Saturday, November 05, 2005 12:38 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FYI: FW: Cisco Secret 5 and John Password Cracker
http://www.ISAserver.org
What they don't tell you is normally in these kinds of programs what
they get first are the low hanging fruit.
Short sucky passwords, LMhashes, if you have weaknesses from the get
go... in my Win2k days when LMhashes were on the wire, LC4/5 could nail
short 7 character passwords in mere seconds.
If your password is of proper length and complexity, you throw out the
9x and NT clients and lose the legacy... you can attempt to brute force
in all you want but good luck.
http://download.microsoft.com/download/a/d/0/ad0f04a3-21b2-4d79-9049-f5f
adb632ace/SEC401-JesperJohansson.pdf
And don't tell Tony how Physical security is still an issue as well.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
