Home page logo
/

basics logo Security Basics mailing list archives

RE: Password Cracking
From: "Allan Schon" <allanschon () mckinleymachinery com>
Date: Tue, 20 May 2003 08:04:15 -0400

Well, if you examine your log files, you should be to find each of these hacking attempts, and get some information 
about the hackers.  If, however, you don't find evidence of a brute force attack in your logs, your system itself may 
have been compromised.  If I were you, I'd do a comprehensive security audit RIGHT NOW, do determine what, if any, 
damage has been done.

If these cracking attempts were aimed at a specific director, or a small group of them, you may want to read up on 
'social engineering'.  It is very likely that your clients are not terribly tech-savvy (most people aren't), and may 
have actually given thier passwords to the cracker.  Oops. :)

If I were you, I'd go to your local library and pick up a book or two on computer security. Check out this site for a 
list of titles: http://www.securityfocus.com/library/category/4

Good luck!

-----Original Message-----
From: Peter Weiss [mailto:dvdsandbooks () hotmail com]
Sent: Saturday, May 17, 2003 7:57 PM
To: security-basics () securityfocus com
Subject: Password Cracking




I was recommended this site by a friend of mine. I manage the website 
http://www.breakdownservices.com/ , and lately there have been numerous 
attempts at obtaining login information for legit casting directors. I 
was simply wondering what tools hackers are using to obtain such 
information (many of the attempts turned out to be successful). I did 
some research on my own, and read about brute force/dictionary attacks, 
but when trying to satisfy my knowledge of these techniques I couldn't 
find anything to use them with. Also, is this the only technique hackers 
could possible use on my site? I figure if I understand how this works, I 
can prevent it!
Thanks.

---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point,
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities--
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]