TRANSCRIPT
Mark Shtern
Passwords are the most common authentication method
They are inherently insecure
• Human generated passwords
  • Come from a small domain
  • Easy to guess – dictionary attacks
• Stronger passwords
  • Computer generated or verified
  • Not user friendly
  • Hard to remember
• Physical Access
• Offline password cracking
• Online password cracking
• Boot using a Linux bootable CD
• Mount the system drive
• Reset the Administrator password (Windows: chntpw; Linux: modify the shadow file)
• Collect password hashes from:
  • Eavesdropping (sniffing)
  • Password file
    • Windows – SAM, NTDS.dit file (pwdump[2-6] and fgdump)
    • Linux – shadow file (unshadow)
  • Memory dump (debug tools: WinDbg, gdb)
  • System calls (APImonitor, strace)
  • SQL database, configuration file
  • Source code
• Crack passwords
Types of password cracking:
• Brute force
• Dictionary
• Hybrid
• Rainbow tables
The most popular crackers:
• Windows: Ophcrack, Cain & Abel, LCP
• Linux: John the Ripper (john)
Countermeasures:
• Eavesdropping: Encrypt the channel, e.g. using SSL or SSH
• Offline dictionary attacks: Limit access to password hashes, strong passwords, password lifetime, use salt
• Online dictionary attacks: Delayed answers, strong passwords, account lockouts
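An added example (not part of the lecture) showing why "use salt" is listed against offline dictionary attacks: a precomputed table of unsalted hashes, built once from a word list, cracks every unsalted hash instantly, while a random per-user salt plus an iterated hash gives every user a different digest that no precomputed table covers. The five-word list, the 16-byte salt length and the 100,000 PBKDF2 iterations are constructed/assumed values for this demonstration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed stand-in for an attacker's word list (hypothetical, not from the lecture).
WORDLIST = ["password", "letmein", "qwerty", "123456", "dragon"]

# Assumed storage parameters: PBKDF2-HMAC-SHA256, 16-byte random salt, 100k iterations.
ITERATIONS = 100_000
SALT_BYTES = 16


def unsalted_hash(password: str) -> str:
    """Weak scheme: plain SHA-256 of the password; identical for every user who picks it."""
    return hashlib.sha256(password.encode()).hexdigest()


def precomputed_table(words) -> dict:
    """Hash -> word table built once from the word list; the essence of a rainbow/dictionary lookup."""
    return {unsalted_hash(w): w for w in words}


def store_password(password: str, salt: Optional[bytes] = None) -> tuple:
    """Strong scheme: fresh random per-user salt plus a slow, iterated hash (PBKDF2)."""
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = store_password(password, salt)
    return hmac.compare_digest(candidate, stored)


def demo() -> dict:
    table = precomputed_table(WORDLIST)
    weak = "letmein"                      # two users choose the same weak password
    unsalted_cracked = table.get(unsalted_hash(weak))   # one lookup recovers it
    s1, d1 = store_password(weak)         # salted: different digest per user ...
    s2, d2 = store_password(weak)
    salted_cracked = table.get(d1.hex())  # ... and the precomputed table has no entry
    return {
        "unsalted_cracked": unsalted_cracked,   # 'letmein'
        "salted_digests_differ": d1 != d2,      # True
        "salted_cracked": salted_cracked,       # None
        "verify_ok": verify_password(weak, s1, d1),
        "verify_wrong": verify_password("dragon", s1, d1),
    }
```

Cracking a salted store forces the attacker to rerun the slow hash over the whole word list once per salt, which is exactly the cost the precomputed table was meant to avoid.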