Security Basics mailing list archives

RE: Auditing Active Directory Passwords


From: "Jesse Rink" <jesse-rink () wi rr com>
Date: Wed, 6 Feb 2008 16:53:52 -0600

I have used Cain and Abel and also arpspoof along with kerbsniff and
kerbcrack for this in audit situations. Email me offline if you are
interested.

JR

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of k7.fantr () gmail com
Sent: Wednesday, February 06, 2008 4:23 PM
To: security-basics () securityfocus com
Subject: Auditing Active Directory Passwords

I am looking for advice for auditing the password strength of passwords in
Active Directory. I have used l0phtcrack and other such tools in the past
against local accounts (SAM and System files) but I do not know what to use
for Active Directory. 


I do not want to brute force and lock out everyone's accounts, so I would
prefer an off-line audit. 


I have domain admin credentials. 


I am trying to build a case to turn on complexity requirements by showing
the fact that people do not voluntarily follow the password policy (big
shock to us, but not to the executive management).


Any tools that would work in this capacity would be greatly appreciated,
especially open source or low cost ones. 

