Crack is a password cracker that will take encrypted Unix passwords and compute the plain text password.

Unix/Linux Password Management - SANS GIAC LevelOne ©2000

Thank you, and welcome to SANS LevelOne. We will be covering Crack. Hello, my name is Eric Cole and I will be explaining Crack to you. If you have any questions or comments regarding this program, please contact me at eric7095@aol.com.

Password Cracker Details
• Name: Crack
• Operating System: Unix
• Brief Description: Crack is a password guessing program that is designed to quickly locate insecurities in Unix (or other) password files by scanning the contents of a password file

Crack is a freely available program designed to find standard Unix DES-encrypted passwords by standard guessing techniques. It is written to be flexible, configurable and fast, and to be able to make use of several networked hosts via the Berkeley rsh program (or similar), where possible. This program checks your users' passwords for "guessable" values. It works by encrypting a list of likely passwords and seeing if the result matches any of your users' encrypted passwords (which must be provided to it). It is surprisingly effective and easy to use.

Checklist
• The following are the objectives for this course. After completion a user should understand the following:
– what password cracking is
– why it is important
– methods of password cracking
– what Crack is
– how to install and run Crack
– how to view the results of Crack
– how to protect against password cracking on Unix
– features of a strong password
– what is a shadow password file

Why are passwords so important?
• First line of defense
• Control access
• Get additional access
• Create back door for future access

Passwords are very important because they are the first line of defense against interactive attacks on your system. Since it is fairly easy for someone to figure out a user ID, the only thing that is protecting access to your system is a user's password. Based on this, if an attacker cannot interact with your system(s), and they have no access to read or write the information contained in the password file, then they have almost no avenues of attack left open to break your system. This is why, if an attacker can at least read your password file (and if you are on a vanilla modern Unix, you should assume this), it is so important that an attacker is not able to break any of the passwords contained therein. If they can, then it is also fair to assume that they can log on to your system and can then break into "root" via an operating system hole.

How are passwords stored on a system?
• User passwords must be protected against:
– unauthorized disclosure
– unauthorized modification
– unauthorized removal
• Solution: store only the encrypted password

In most companies, passwords are the first and only line of defense for protecting their information and servers. Since most user IDs consist of the first initial/last name of an employee (or some combination), it is fairly easy to find out valid user IDs for individuals at a company. Based on this, the only other piece of information you need to gain access is a user password. Therefore passwords need to be protected and very hard to guess. The key things passwords need to be protected against are unauthorized disclosure, unauthorized modification and unauthorized removal.
If users write down their passwords or share them with other people, then the user's password is compromised and can be used as an entry point into the system. Being able to modify a password is just as risky, because as long as an attacker knows what password is associated with a user ID, they can use it to gain access. It does not matter if the real user knows it or not. This is potentially dangerous because if the user tries to get in and cannot, they might be suspicious of foul play. In order to protect passwords, operating systems use encryption, which basically hides the original content so that if someone gets the encrypted password they will not be able to determine what the original password was.
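The notes above stress that a readable password file is what makes guessing possible. As an added example (not part of the original course material), this check parses passwd-format text and reports entries whose hash sits in the world-readable file instead of being shadowed, or that have no password at all. The function name, sample entries and hash-like strings are constructed for illustration.

```python
import re

# Traditional DES crypt(3) output: 2 salt characters followed by 11 hash
# characters, all drawn from the alphabet ./0-9A-Za-z (13 characters total).
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

def audit_passwd(text):
    """Return (user, finding) pairs for passwd entries that need attention."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            # name:password:uid:gid:gecos:home:shell is the expected layout
            findings.append((f"line {lineno}", "malformed entry"))
            continue
        user, pw = fields[0], fields[1]
        if pw == "":
            findings.append((user, "empty password field"))
        elif pw == "x" or pw.startswith(("!", "*")):
            continue  # hash is shadowed, or the account is locked
        elif DES_CRYPT.fullmatch(pw):
            findings.append((user, "DES crypt hash exposed"))
        else:
            findings.append((user, "hash exposed"))
    return findings

# Constructed sample input; the hash-like strings are filler, not real hashes.
SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
alice:ab0123456789A:1001:1001:Alice:/home/alice:/bin/sh
bob::1002:1002:Bob:/home/bob:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
carol:$6$examplesalt$constructedvalue:1003:1003:Carol:/home/carol:/bin/sh
broken:line
"""

if __name__ == "__main__":
    for who, what in audit_passwd(SAMPLE):
        print(f"{who}: {what}")
```

Any account reported with an exposed hash should have its hash moved into a shadow file readable only by root and its password changed.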