Penetration Testing mailing list archives

Password Cracking Issues

From: JAE HO JANG <misman95 () yahoo co jp>
Date: Thu, 17 Dec 2009 23:07:30 +0800

Hi,

I am doing Pen-testing of our customer's FW, NetScreen.
But I installed this FW also set password a few months ago so I already knew the password (they haven't changed).
In this case, what is the best way to do? 
just proceed the password cracking? then report them I managed to find the password?
or skip password cracking and then advise to reinforce the password policy?

Please advise.
Thanks in advance.

Regards,
Tony


--------------------------------------
Get Disney character's mail address on Yahoo! Mail
http://pr.mail.yahoo.co.jp/disney/

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Password Cracking Issues JAE HO JANG (Dec 21)
- Re: Password Cracking Issues Jonathan Cran (Dec 29)
- Re: Password Cracking Issues Javier Reyna (Dec 29)
- RE: Password Cracking Issues THOMAS, DEDRIC (ATTCLSMA) (Dec 29)