Figure 2-2: Server Password Cracking: - PowerPoint PPT Presentation
PowerPoint Slideshow about 'Figure 2-2: Server Password Cracking:' - aideen

Presentation Transcript
Figure 2-2: Server Password Cracking:
  • Reusable Passwords
    • A password you use repeatedly to get access to a resource on multiple occasions
    • Bad because attacker will have time to learn it; then can use it
  • Difficulty of Cracking Passwords by Guessing Remotely
    • Usually cut off after a few attempts
Figure 2-2: Server Password Cracking
  • Hacking Root
    • Super accounts (can take any action in any directory)
    • Hacking root in UNIX
    • Super accounts in Windows (administrator) and NetWare (supervisor)
    • Hacking root is rare; usually can only hack an ordinary user account
    • May be able to elevate the privileges of the user account to take root action
Figure 2-2: Server Password Cracking
  • Physical Access Password Cracking
    • Brute-force password guessing
      • Try all possible character combinations
      • Longer passwords take longer to crack
      • Using more characters also takes longer
        • Alphabetic, no case (26 possibilities)
        • Alphabetic, case (52)
        • Alphanumeric (letters and numbers) (62)
        • All keyboard characters (~80)
    • Slow with passwords of reasonable length
Figure 2-2: Password Length

Number of possible passwords = N^L, where N is the size of the character set and L is the password length in characters.

Password Length | Alphabetic,    | Alphabetic,    | Alphanumeric:     | All Keyboard
in Characters   | No Case        | Case           | Letters & Digits  | Characters
                | (N=26)         | (N=52)         | (N=62)            | (N=~80)
----------------+----------------+----------------+-------------------+---------------
1               | 26             | 52             | 62                | 80
2 (N^2)         | 676            | 2,704          | 3,844             | 6,400
4 (N^4)         | 456,976        | 7,311,616      | 14,776,336        | 40,960,000
6               | 308,915,776    | 19,770,609,664 | 56,800,235,584    | 2.62144E+11
8               | 2.08827E+11    | 5.34597E+13    | 2.1834E+14        | 1.67772E+15
10              | 1.41167E+14    | 1.44555E+17    | 8.39299E+17       | 1.07374E+19
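The table above is just N^L evaluated for a handful of lengths. The following Python is an added example, not part of the slide deck: it recomputes the table from the slide's four alphabet sizes and then goes one step further than the slide by turning keyspace into an average crack time and a minimum password length for a given guess rate. The guess rate (10^9 guesses per second) and the one-year target are constructed assumptions, not figures from the book.

```python
# Added example, not from the slide deck: recompute Figure 2-2's password-length
# table (keyspace = N ** L) and turn keyspace into average crack-time estimates.
# The guess rate passed to the time functions is a constructed assumption.

ALPHABETS = {
    "alphabetic, no case": 26,
    "alphabetic, case": 52,
    "alphanumeric": 62,
    "all keyboard characters": 80,  # the slide approximates this as ~80
}
LENGTHS = (1, 2, 4, 6, 8, 10)


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of candidate passwords a brute-force search has to cover."""
    return alphabet_size ** length


def length_table() -> dict:
    """Rebuild the slide's table as {length: {alphabet name: keyspace}}."""
    return {n: {name: keyspace(size, n) for name, size in ALPHABETS.items()}
            for n in LENGTHS}


def average_crack_seconds(alphabet_size: int, length: int,
                          guesses_per_second: float) -> float:
    """Expected time to hit a uniformly random password: half the keyspace."""
    return keyspace(alphabet_size, length) / 2 / guesses_per_second


def minimum_length(alphabet_size: int, guesses_per_second: float,
                   target_seconds: float) -> int:
    """Smallest length whose average crack time is at least target_seconds."""
    length = 1
    while average_crack_seconds(alphabet_size, length, guesses_per_second) < target_seconds:
        length += 1
    return length


def _format(n: int) -> str:
    # Match the slide: plain digits for small values, scientific notation above 10^12.
    return f"{n:,}" if n < 10**12 else f"{n:.5E}"


if __name__ == "__main__":
    table = length_table()
    print("length".ljust(8) + "".join(name.rjust(26) for name in ALPHABETS))
    for n, row in table.items():
        print(str(n).ljust(8) + "".join(_format(v).rjust(26) for v in row.values()))
    # Constructed assumption: an offline cracker testing 10**9 guesses per second.
    rate = 1e9
    year = 365 * 24 * 3600
    for name, size in ALPHABETS.items():
        print(f"{name}: need {minimum_length(size, rate, year)} characters "
              f"for an average crack time of one year at {rate:.0e} guesses/s")
```

The average-time formula divides the keyspace by two because a uniformly chosen password is, on average, found halfway through an exhaustive search; the slide's "longer passwords take longer to crack" is this exponent at work, so each extra character multiplies the work by N rather than adding to it.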

Figure 2-2: Server Password Cracking
  • Physical Access Password Cracking
    • Dictionary attacks
      • Try common words
      • There are only a few thousand of these
      • Very rapidly cracked
    • Hybrid attacks
      • Common word with single digit at end, etc.
    • l0phtcrack
      • Lower-case L, zero, phtcrack
      • Password cracking program
      • Run on a server (need physical access)
      • Or copy password file and run l0phtcrack on another machine.
Figure 2-2: Server Password Cracking
  • Password Policies
    • Good passwords
      • At least 8 characters long
      • Change of case not at beginning
      • Digit (0 through 9) not at end
      • Other keyboard character not at end
      • Example: triV6#ial
    • Testing and enforcing password policies
      • Run password cracking program against own servers (Caution: requires approval! SysAdmins have been fired for doing this without permission—and should be)
    • Password duration policies: How often passwords must be changed
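The "good passwords" rules on this slide and the dictionary and hybrid attacks on the previous one are two sides of the same check, so here is one added Python example (my code, not the book's) that enforces them together. It tests the four structural rules (length, where the case change falls, digit and symbol position), then rejects passwords that are a common word or a common word with trailing digits or symbols, which generalises the slide's "common word with single digit at end". COMMON_WORDS is a constructed stand-in for the few thousand words a real cracking dictionary holds.

```python
import string
from typing import List

# Added example, not from the slide deck: checker for the slide's "good
# passwords" rules plus a dictionary/hybrid test. COMMON_WORDS is a constructed
# stand-in for a real cracking dictionary.
COMMON_WORDS = {"password", "trivial", "secret", "letmein", "welcome", "admin", "monkey"}
MIN_LENGTH = 8                           # "at least 8 characters long"
OTHER_CHARS = set(string.punctuation)    # the slide's "other keyboard character"


def _first_case_change_at_start(pw: str) -> bool:
    """True when the only case change is right after the first letter
    (e.g. 'Trivial'), the pattern the slide warns against."""
    letters = [(i, c) for i, c in enumerate(pw) if c.isalpha()]
    for (i, a), (_, b) in zip(letters, letters[1:]):
        if a.isupper() != b.isupper():
            return i == letters[0][0]
    return False


def policy_violations(pw: str) -> List[str]:
    """Return the list of rules the password breaks; empty list means it passes."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    has_upper = any(c.isupper() for c in pw)
    has_lower = any(c.islower() for c in pw)
    if not (has_upper and has_lower):
        problems.append("no change of case")
    elif _first_case_change_at_start(pw):
        problems.append("case change at beginning")
    if not any(c.isdigit() for c in pw):
        problems.append("no digit")
    elif pw[-1].isdigit():
        problems.append("digit at end")
    if not any(c in OTHER_CHARS for c in pw):
        problems.append("no other keyboard character")
    elif pw[-1] in OTHER_CHARS:
        problems.append("other keyboard character at end")
    base = pw.lower()
    if base in COMMON_WORDS:
        problems.append("dictionary word")
    elif base.rstrip(string.digits + string.punctuation) in COMMON_WORDS:
        problems.append("hybrid: dictionary word plus trailing digits/symbols")
    return problems


if __name__ == "__main__":
    for candidate in ("triV6#ial", "Trivial6", "password", "Monkey"):
        print(f"{candidate!r}: {policy_violations(candidate) or 'OK'}")
```

The slide's own example, triV6#ial, passes every rule; Trivial6 fails four of them even though it is eight characters long, which is the point of the positional rules: a capital first letter and a digit at the end are exactly what a hybrid attack tries first.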
Figure 2-2: Server Password Cracking
  • Password Policies
    • Password sharing policies: Generally, forbid shared passwords
      • Removes ability to learn who took actions; loses accountability
      • Usually is not changed often or at all because of need to inform all sharers
    • Disabling passwords that are no longer valid
      • As soon as an employee leaves the firm, etc.
      • As soon as contractors, consultants leave
      • In many firms, a large percentage of all accounts are for people no longer with the firm
Figure 2-2: Server Password Cracking
  • Password Policies
    • Lost passwords
      • Password resets: Help desk gives new password for the account
      • Opportunities for social engineering attacks
      • Leave changed password on answering machine
      • Biometrics: voice print identification for requestor (but considerable false rejection rate)

New: Not In Book

Figure 2-2: Server Password Cracking
  • Password Policies
    • Lost passwords
      • Automated password resets
        • Employee goes to website
        • Must answer a question, such as “In what city were you born?”
        • Problem of easily-guessed questions that can be answered with research
Figure 2-2: Server Password Cracking
  • Password Policies
    • Encrypted (hashed) password files (Figure 2-4)
      • Passwords not stored in readable form
      • Encrypted with DES or hashed with MD5
      • In UNIX, /etc/passwd puts x in place of password
      • Encrypted or hashed passwords are stored in a different (shadow) file to which only high-level accounts have access
Figure 2-4: Password Hashing

1. Client PC (User Lee) sends the login: User = Lee, Password = My4Bad
2. Server hashes the submitted password: Hash(My4Bad) = 11110000
3. Server looks up the user's entry in the Hashed Password File and compares the hashes:
     Brown   11001100
     Lee     11110000
     Chun    00110011
     Hatori  11100010
4. Hashes match, so user is authenticated
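The four steps of Figure 2-4 in runnable form, as an added Python example that is not from the slide deck. The user names come from the figure and Lee's password is the figure's My4Bad; the other passwords are constructed. Where the slides mention DES encryption or an MD5 hash, this code uses a per-user random salt with PBKDF2-HMAC-SHA256 and a constant-time comparison, which is my choice rather than the book's; Brown is deliberately given the same password as Lee so the effect of the salt is visible.

```python
import hashlib
import hmac
import os
from typing import Dict, Tuple

# Added example, not from the slide deck: the four-step check of Figure 2-4 run
# against an in-memory "hashed password file". Salted PBKDF2-HMAC-SHA256 is my
# substitution for the slide's DES/MD5; passwords other than Lee's are constructed.
ITERATIONS = 100_000  # constructed work factor

HashedFile = Dict[str, Tuple[bytes, bytes]]  # user -> (salt, hash)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def enroll(hashed_file: HashedFile, user: str, password: str) -> None:
    """Store only salt + hash; the readable password is never written."""
    salt = os.urandom(16)
    hashed_file[user] = (salt, hash_password(password, salt))


def authenticate(hashed_file: HashedFile, user: str, password: str) -> bool:
    """Steps 2-4 of Figure 2-4: hash what the client sent, look the user up,
    compare the two hashes in constant time."""
    record = hashed_file.get(user)
    if record is None:
        # Burn a hash anyway so an unknown user name is not rejected faster
        # than a wrong password (timing would otherwise reveal valid names).
        hash_password(password, b"\x00" * 16)
        return False
    salt, stored = record
    return hmac.compare_digest(hash_password(password, salt), stored)


def build_demo_file() -> HashedFile:
    """The four users of Figure 2-4; Brown shares Lee's password on purpose."""
    hashed_file: HashedFile = {}
    for user, password in [("Brown", "My4Bad"),
                           ("Lee", "My4Bad"),
                           ("Chun", "c0rrectHorse!"),        # constructed
                           ("Hatori", "Batt3ry*staple")]:    # constructed
        enroll(hashed_file, user, password)
    return hashed_file


if __name__ == "__main__":
    f = build_demo_file()
    print("Lee / My4Bad ->", authenticate(f, "Lee", "My4Bad"))   # step 1 login
    print("Lee / my4bad ->", authenticate(f, "Lee", "my4bad"))
    print("Nobody / x   ->", authenticate(f, "Nobody", "x"))
    print("Brown and Lee share a password but store different hashes:",
          f["Brown"][1] != f["Lee"][1])
```

With an unsalted hash, as in the figure's table, two users with the same password would show the same stored value and a cracked hash would unlock every account sharing it; the salt breaks that and forces a cracker to attack each entry separately.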

Figure 2-5: UNIX /etc/passwd File Entries

Fields (colon-separated): User Name : Password : User ID : Group ID : GCOS : Home Directory : Shell

Without Shadow Password File
plee:6babc345d7256:47:3:Pat Lee:/usr/plee/:/bin/csh

With Shadow Password File
plee:x:47:3:Pat Lee:/usr/plee/:/bin/csh

Asterisk instead of x indicates that the password is stored in a separate shadow password file
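An added Python example (not from the slide deck) that parses the seven-field /etc/passwd layout of Figure 2-5 and audits which accounts still carry a hash in the world-readable file, which are shadowed, and which have no password at all. SAMPLE_LINES holds the two entries from the figure plus two constructed lines for the empty-password and malformed cases; the "guest" and "broken" users are invented for the example.

```python
from typing import Dict, Iterable, List, NamedTuple

# Added example, not from the slide deck: parser and audit for the /etc/passwd
# line layout in Figure 2-5. Lines marked "constructed" are not from the figure.


class PasswdEntry(NamedTuple):
    user: str
    password: str   # hash, "x"/"*" placeholder, or "" for no password
    uid: int
    gid: int
    gcos: str       # full name / comment field
    home: str
    shell: str


SHADOW_MARKERS = ("x", "*")  # the slide mentions both x and the asterisk


def parse_passwd_line(line: str) -> PasswdEntry:
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        raise ValueError(f"expected 7 colon-separated fields, got {len(fields)}: {line!r}")
    user, password, uid, gid, gcos, home, shell = fields
    return PasswdEntry(user, password, int(uid), int(gid), gcos, home, shell)


def is_shadowed(entry: PasswdEntry) -> bool:
    """True when the hash lives in the separate shadow file, not here."""
    return entry.password in SHADOW_MARKERS


def audit(lines: Iterable[str]) -> Dict[str, List[str]]:
    """Classify each account by where (or whether) its password material lives."""
    report: Dict[str, List[str]] = {
        "shadowed": [], "hash_in_passwd": [], "no_password": [], "malformed": []}
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        try:
            e = parse_passwd_line(line)
        except ValueError:
            report["malformed"].append(line.strip())
            continue
        if e.password == "":
            report["no_password"].append(e.user)
        elif is_shadowed(e):
            report["shadowed"].append(e.user)
        else:
            report["hash_in_passwd"].append(e.user)   # readable by every local user
    return report


SAMPLE_LINES = [
    "plee:6babc345d7256:47:3:Pat Lee:/usr/plee/:/bin/csh",   # Figure 2-5, no shadow file
    "plee:x:47:3:Pat Lee:/usr/plee/:/bin/csh",               # Figure 2-5, with shadow file
    "guest::1001:1001:Guest Account:/home/guest:/bin/sh",    # constructed: empty password
    "broken:x:5:5:Missing field:/home/broken",               # constructed: only 6 fields
]

if __name__ == "__main__":
    for bucket, users in audit(SAMPLE_LINES).items():
        print(f"{bucket:15} {users}")
```

The "hash_in_passwd" bucket is the case the slide calls out: /etc/passwd must stay world-readable because every program resolves user names through it, so any hash left in it can be copied off and run through a cracker such as l0phtcrack on another machine, which is exactly what the shadow file prevents.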

Figure 2-2: Server Password Cracking
  • Password Policies
    • Windows passwords
      • Obsolete LAN manager passwords (7 characters maximum) should not be used
      • Windows NTLM passwords are better
      • Option (not default) to enforce strong passwords
Figure 2-2: Server Password Cracking
  • Shoulder Surfing
    • Watch someone as they type their password
  • Keystroke Capture Software
    • Professional versions of Windows protect RAM during password typing
    • Consumer versions do not
    • Trojan horse throws up a login screen later, reports its finding to attackers
Figure 2-2: Server Password Cracking
  • Windows Client PC Software
    • Consumer version login screen is not for security
      • Windows professional and server versions provide good security with the login password
    • BIOS passwords allow boot-up security
      • Can be disabled by removing battery
      • But during a battery removal, the attacker will be very visible
    • Screen savers with passwords allow away-from-desk security after boot-up