Security Basics mailing list archives

Re: Using brute force to test Sendmail passwords.

From: David <dcorking () yahoo fr>
Date: Fri, 5 Sep 2003 22:11:04 -0400

On Fri, 05 Sep 2003, Rolando Ruiz C. wrote:

Hi everyone,
i'm implementing a password security policy for all mail users on a
sendmail server (redhat 7.3), and i need to know if all users DID follow
the insructions (min lenght = 5, not only A-Z chars, etc). My question is:
is there a way to pick the passwords file to make some brute force test,
automatically? (any tool?) (any other way to test them?)


"john the ripper" is designed for policy enforcement.  Get permission
from the boss first.

http://www.false.com/security/john/


---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

Using brute force to test Sendmail passwords. Rolando Ruiz C. (Sep 05)
- Re: Using brute force to test Sendmail passwords. Jonathan Bowman (Sep 08)
- Re: Using brute force to test Sendmail passwords. David (Sep 08)
- Re: Using brute force to test Sendmail passwords. Stefan Marx (Sep 08)