AW: Using brute force to test Sendmail passwords.

[Meidinger Chris <chris.meidinger () badenit de>]

John the Ripper and/or Crack running on a crontab?

-----Ursprüngliche Nachricht-----
Von: Rolando Ruiz C. [mailto:rmruiz () ing puc cl] 
Gesendet: Freitag, 5. September 2003 23:53
An: security-basics () securityfocus com
Betreff: Using brute force to test Sendmail passwords.


Hi everyone,
i'm implementing a password security policy for all mail users on a sendmail
server (redhat 7.3), and i need to know if all users DID follow the
insructions (min lenght = 5, not only A-Z chars, etc). My question is: is
there a way to pick the passwords file to make some brute force test,
automatically? (any tool?) (any other way to test them?)

thanks a lot!

PD: excuse my english, its not my native language :(

--
Rolando Ruiz.



---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September
6.Visit us: www.blackhat.com
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------