[geeks] Commercial Password crackers

[velociraptor]

On 3/20/06, Ido Dubrawsky <idubraws at dubrawsky.org> wrote:
> On Mon, Mar 20, 2006 at 09:31:26AM -0600, geeks-request at sunhelp.org wrote:
> > Date: Mon, 20 Mar 2006 10:31:22 -0500
> > From: velociraptor <velociraptor at gmail.com>
> > Subject: Re: [geeks] Commercial Password crackers
> > To: "The Geeks List" <geeks at sunhelp.org>
> > Message-ID:
> >       <b9ce685f0603200731h7993a7c9v9c4975106ff735e0 at mail.gmail.com>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > Is there anything for *nices that uses the same type of "rainbow
> > files" that the Windows password crackers use?  They seem to me to
> > make more sense than dictionary files.
>
>   Not that I've heard of.  The key feature is that UNIX uses a SALT to help
> randomize the password hash generation.  The Windows LANMAN hash has no
such
> feature so there are a finite number (albeit rather large) of hashes
possible
> in Windows LANMAN passwords.  Remember, we're talking about LANMAN (i.e.
the
> old, backward compatible friendly password scheme used by Windows).  If you
> disable LANMAN hashes on your Windows domain and go strictly with the
Windows
> NT password (which is the password hashed with the MD4 algorithm) then
you're
> in as good a shape as UNIX passwords using the old crypt() function.
>   It would be nice to have rainbow tables for UNIX passwords but with the
use
> of SALTs to help randomize the hash generation even more it becomes
impractical.

OK, that explains things.  I dunno if I should be proud of my
ignorance of Windows security or not. ;-)

I'd been dabbling in it due to $ork's one-size-fits all policies on
desktops, but after my reg hacks got overwritten with the first reboot
while attached to the network, I tossed in the towel.  I shrank the
'doze partition and installed x86 Solaris.

If they find out they'll be more hacked off than they were when they
found out about the Linux box I'd built and put on the network.  But
at this point, I don't care.

=Nadine=