Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] crack
- Date: Tue, 23 Jul 2002 17:05:42 +0900
- From: YAMAGATA Hiroo <hiyori13@example.com>
- Subject: Re: [tlug] crack
- References: <Pine.SUN.3.95.1020723153251.4842C-100000@example.com> <20020723163224.76d94e64.9915104t@example.com>
> There is a really low chance that passwords in a company will get cracked > by brute force. Brute-Force, no. Weak password checking is not for avoiding brute force. Probably you mean a dictionary attack. But I think that risk is rather serious. Someone using their initials or your extension number, or your favorite band, or one of those easy to guess stuff, that happens all the time. At one site there was a bug that allowed me to see the last registered user's id and password, and it was often like id: jesus, passwd: christ, and such. > Company networks are cracked because of the lack of software/os updates > and unsecure software usage. I'd say that's rather a technologist world view. I don't think sophisticated (relatively) attacks such as password sniffing and exploiting buffer overflows and such are that prevalent, compared to lame passwords and social engineering. Best, Hiroo (just came back from H2K2) -- NRI Social System Consulting #1 YAMAGATA Hiroo <hiyori13@example.com>
- Follow-Ups:
- Re: [tlug] crack
- From: B0Ti
- Re: [tlug] crack
- From: ayako kato
- Re: [tlug] crack
- References:
- [tlug] crack
- From: Nguyen Hung Vu
- Re: [tlug] crack
- From: B0Ti
- [tlug] crack
- Prev by Date: Re: [tlug] crack
- Next by Date: Re: [tlug] crack
- Previous by thread: Re: [tlug] crack
- Next by thread: Re: [tlug] crack
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |