RE: Password Audit tools

From: Paris E. Stone (pstone@alhurra.com)
Date: Wed Dec 15 2004 - 12:16:27 EST


Google up "Rainbow Tables"

Then stop using anything else.

~~~~~
Paris E. Stone, "Linux Zealot"
CISSP, CCNP, CNE, MCSE, CIW Master Administrator
~~~~~
"Not all who wander are lost."
J.R.R.T.

-----Original Message-----
From: Christian Martorella [mailto:laramies2k@yahoo.com.ar]
Sent: Tuesday, December 14, 2004 12:04 PM
To: Jeffrey M.Miller CISSP
Cc: pen-test@securityfocus.com
Subject: Re: Password Audit tools

If you are looking for OpenSource alternatives you should check:

Cain & Abel could be useful for your needs, (http://www.oxid.it/) , it
has a complete suite of cracking tools.
Lepton's Crack (http://www.nestonline.com/lcrack/) it's very good, and
it support regular expressions.
John The Ripper (http://www.openwall.com/john)

And for remote password cracking you could use:
Hydra http://www.thc.org/thc-hydra/

Hope it helps

Laramies

Jeffrey M.Miller CISSP wrote:

> I've used Internet Security Scanner from ISS and really like it's
> ability to pull users from NT domains and test common passwords, such
> as username=password, password=password, etc.
>
> I've considered purchasing the consultant version of l0phtcrack LC5.
>
> Has anyone used LC5 and can anyone compare it to ISS? Also are there
> any OpenSource tools that can do these sorts of checks?
>
> Thanks
>
> J_
>
>



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:11 EDT