Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Password Auditing

From: "Beauchamp, Brian" <bbeauchamp () oxford k12 pa us>
Date: Fri, 4 May 2007 15:09:17 -0400
Cain and Abel (www.oxid.it) will do the trick but the downside is abel
is technically a virus (and will be identified as one). Also, it needs
to be installed on your (windows) servers to work correctly. 

So I guess what I'm saying is, I don't have any good advice for you.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Mike Gibson
Sent: Friday, May 04, 2007 1:50 PM
To: pen-test () securityfocus com
Subject: Password Auditing

Can anyone recommend a good password auditing tool. Basically I want to
identify weak passwords on my servers (Windows, Linux, Unix).
Ideally this would be done by a tool that could remotely fetch the local
password database and then attempt to brute force the passwords and
prepare a report in a central location.

Any suggestions?

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic See HOW Now with our 20/20
program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: