|
Penetration Testing
mailing list archives
RE: Password Auditing
From: "John Babio" <jbabio () po-box esu edu>
Date: Fri, 4 May 2007 15:33:14 -0400
You could do John the ripper on your unix machines and windows. The best
program for windows boxes is l0phtcrack. LCP is a free "poormans"
l0phtcrack if you have no budget. Also Pwdumpv3 works great for windows
but you need a logon with admin privileges.
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Mike Gibson
Sent: Friday, May 04, 2007 1:50 PM
To: pen-test () securityfocus com
Subject: Password Auditing
Can anyone recommend a good password auditing tool. Basically I want
to identify weak passwords on my servers (Windows, Linux, Unix).
Ideally this would be done by a tool that could remotely fetch the
local password database and then attempt to brute force the passwords
and prepare a report in a central location.
Any suggestions?
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
