Security Basics mailing list archives
Re: Password trading problem
From: John S.Whitford <jswhitford () acm org>
Date: Wed, 04 Aug 2004 12:26:58 -0500
On Tue, 3 Aug 2004 15:50:19 -0400 , you wrote:
Hi I've got a client who has an adult themed, password protected, web site and I'm in charge of doing a security review of it. This was brought about by the admin noticing a huge amount of logins from a single account across many different IP addresses. I imagine that this is the result of password trading online and as part of my security audit I would like to develop a list of these sites which offer message forums for password 'testing', adult 'testing', web 'testing' etc...meaning password cracking, and scan for my clients site within their lists to make sure no passwords/accounts have been cracked and being shared. Does anyone have any ideas? Thanks.
Just make sure that the ID can't be logged in multiple times and it will police itself. But, that should already be in place for ppv sites. jsw --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Password trading problem Jason Humes (Aug 04)
- Re: Password trading problem John S . Whitford (Aug 04)
- Re: Password trading problem pingywon MCSE (Aug 04)
- Re: Password trading problem Tomek Perlak (Aug 05)
- <Possible follow-ups>
- RE: Password trading problem Barber, Chris Mr. ATEC/Contractor (Aug 05)
- RE: Password trading problem Hamish Stanaway (Aug 05)