Security Basics mailing list archives
Bestcrypt brute force
From: Javier Sanchez <sjllera () ya com>
Date: Thu, 25 Nov 2004 11:39:12 +0100
Hi all, i need to test the encryption of a bestcryt container, i thought that some brute force test will be enough. I have found a program for win that does exactly what im looking for but the creator website is down. Does anyone know Bestcrypt Brute Forcer ?? And any alternative download sites ?? Cheers Javier Sanchez sjllera () ya com On Tue, 2004-11-23 at 14:18, Raphaël Rigo ML wrote:
Davide wrote:Hi everybody. would you please give me some hints for the followin situation? In a win-based network, a folder contains some documents that have to be made available to company employees when they are not in the HQ but they are in a local branch office this is currently implemented by a FTP server (win 2kserver); the ftproot is the root dir of the documents. the server is connected to internet: (internet)---(router)---(firewall)---(LAN)---(server) employees access from a remote location office using their win logon credentials (no anonym access is provided). The local branch office acceses internet with a dinamic IP provided by ISP. What security concerns are rised in this setting? Should I use a DMZ, using the server to provide FTP services and moving the ftproot folder to another server INSIDE the DMZ (linked to a shared folder)? How can I overcome the problem that FTP passwords are transmitted not enchrypted? Should a VPN between HQ provide the panacea for these problems? thanks in advance davideHello, The problem is that (if I understand your network correctly), everybody in the lan is able to sniff the passwords as they are transmitted in plaintext. One of the easiest ways to get more security without changing your network would be to use a TLS/SSL enabled FTP servers, along with clients supporting this. I am not aware of any TLS enabled FTP server for windows licensed under a free license but a good commercial one is Blackmoon Ftp Server. For the clients, still on Windows, I can only recommend FileZilla (http://filezilla.sf.net) which is a really good FTP/SFTP Client licensed under the GPL. I hope this helps. Raphaël
Current thread:
- securing an FTP service Davide (Nov 22)
- RE: securing an FTP service pingywon (Nov 23)
- Re: securing an FTP service Alessandro Bottonelli (Nov 24)
- Re: securing an FTP service Raphaël Rigo ML (Nov 24)
- Bestcrypt brute force Javier Sanchez (Nov 25)
- Re: Bestcrypt brute force GuidoZ (Nov 27)
- Bestcrypt brute force Javier Sanchez (Nov 25)
- <Possible follow-ups>
- Re: securing an FTP service Davide (Nov 25)