Security Basics mailing list archives
RE: Detection tool?
From: "Josh Mills" <JMills () cnbwaco com>
Date: Fri, 2 Apr 2004 12:59:26 -0600
this is all great if it is an online brute force attack but this dosent do anything to stop someone from getting the password hashes and copying to their usb drive and taking them home and hacking away at them. The brute force attacks are esy to stop with effective password and lockout policies. -----Original Message----- From: Keenan Smith [mailto:kc_smith () clark net] Sent: Friday, April 02, 2004 8:05 AM To: 'David E. Newberger'; security-basics () lists securityfocus com Subject: RE: Detection tool? You could turn on auditing or logging of whatever resources are used to manage the passwords. A scan of the resulting logs looking for a large number of attempts in a short period from a single source would give you a basic idea that something happened. Or are you looking for an alarm of some sort that notifies you in real time? KC Smith -----Original Message----- From: David E. Newberger [mailto:dnewberger () cdatribe-nsn gov] Sent: Wednesday, March 31, 2004 4:02 PM To: security-basics () lists securityfocus com Subject: Detection tool? How can someone detect a password cracking tool on a network? David Newberger ------------------------------------------------------------------------ --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Detection tool? David E. Newberger (Apr 01)
- RE: Detection tool? Keenan Smith (Apr 02)
- <Possible follow-ups>
- RE: Detection tool? Josh Mills (Apr 02)
- RE: Detection tool? David E. Newberger (Apr 02)
- RE: Detection tool? BĂ©noni MARTIN (Apr 02)
- Re[2]: Detection tool? Alexander Lukyanenko (Apr 05)
- RE: Detection tool? Josh Mills (Apr 02)