RE: cisco password (analysis)

From: Matt Moore (mattat_private)
Date: Mon Sep 03 2001 - 03:53:07 PDT

Next message: John Lampe: "Re: cisco password (analysis)"

Previous message: Noam Rathaus: "Re: cisco password (analysis)"
In reply to: Noam Rathaus: "Re: cisco password (analysis)"
Next in thread: John Lampe: "Re: cisco password (analysis)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Noam,

>
> As I stated before (privately to Renaud) it would be better to make the
> username/password combination always from the same source, in the Nessus
> case accounts.txt.
>
> It would seem logical to create some NASL function to return a
> username/password combination directly from the accounts.txt and
> to make the
> accounts.txt as versatile as possible (containing as much combinations as
> possible, but not a dictionary :}).
>

Would it be worth allowing the user to specify the 'depth' of password
guessing, e.g. 'light' would only check for common default passwords,
'medium' or 'heavy' (or whatever) would check for more, but obviously take
alot longer to run?

Matt Moore

Next message: John Lampe: "Re: cisco password (analysis)"
Previous message: Noam Rathaus: "Re: cisco password (analysis)"
In reply to: Noam Rathaus: "Re: cisco password (analysis)"
Next in thread: John Lampe: "Re: cisco password (analysis)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Sep 03 2001 - 03:53:17 PDT