Re: cisco password (analysis)

From: Renaud Deraison (deraisonat_private)
Date: Thu Sep 06 2001 - 08:57:07 PDT

Next message: Noam Rathaus: "Re: cisco password (analysis)"

Previous message: Renaud Deraison: "Re: Apache authentication modules"
In reply to: Noam Rathaus: "Re: cisco password (analysis)"
Next in thread: Noam Rathaus: "Re: cisco password (analysis)"
Reply: Noam Rathaus: "Re: cisco password (analysis)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Sep 04, 2001 at 11:09:14PM -0000, Noam Rathaus wrote:
> Hi,
> 
> Will this API be ready for Nessus 1.1?

This can be done. However, I'm not really convinced about the need for
brute force attacks plugins, except while doing a pen-test.

Most of the time, you'd better off logguing in the system, extract the
password base, and bruteforce the passwords locally.

But if people see an interest in doing that over the network, well, I
guess I'll implement get_next_username() and get_next_password() (or
whatever I'll call them)

				-- Renaud

Next message: Noam Rathaus: "Re: cisco password (analysis)"
Previous message: Renaud Deraison: "Re: Apache authentication modules"
In reply to: Noam Rathaus: "Re: cisco password (analysis)"
Next in thread: Noam Rathaus: "Re: cisco password (analysis)"
Reply: Noam Rathaus: "Re: cisco password (analysis)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 14:01:36 PDT