http://gcn.com/articles/2009/08/24/gcn-lab-review-mantech-crowbar.aspx By John Breeden II GCN.com Aug 21, 2009 Pros: Easy to use, can set up password crack groups for greater hacking speed Cons: Only works with MMC/SD cards Performance: A Ease Of Use: A Features: C Value: C Price: $2,300 Sometimes breaking into a place requires a lock pick, and sometimes it requires a crowbar. In this case, the crowbar is not a chunk of steel but a handheld device used to crack even the most complex passwords. There is one extremely effective way of breaking into a password-protected computer, especially one without a lockout timer or a security subsystem that looks for attacks: You simply need a program to perform a dictionary attack against the password, trying every possible word from the dictionary to see if any fit. You would be surprised at how many people use a big word like "disestablishmentarianism" and think that it can’t be hacked. Sorry, but if it’s a real word, a dictionary attack will find it. If the dictionary attack fails, the next step is to try dictionary words with numbers after them, because a lot of people will use something like Password1 and think that the number makes them secure. It does, but only by a few seconds on a hack. Barring that, there is the tedious process of trying every possible character and letter combination in existence. This will work eventually, though it might take hours or even days. These attacks can be stopped if a program is monitoring for too many log-in tries. But most handheld devices don’t have that protection, making them vulnerable to attack. [...] ________________________________________ Subscribe to InfoSec News http://www.infosecnews.orgReceived on Fri Aug 28 2009 - 02:01:14 PDT
This archive was generated by hypermail 2.2.0 : Fri Aug 28 2009 - 02:15:45 PDT