|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0
From: Rainer Duffner (rainer
ultra-secure.de)
Date: Fri Feb 10 2006 - 18:03:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Solar Designer wrote:
>
>Finally, often it is preferable to not spend lots of disk space and lots
>of time and/or bandwidth to generate or download rainbow tables, -- and
>also to not reveal your password hashes to a third party (such as one of
>the online rainbow tables based cracking services).
>
>
I don't think such a move (upload hash to 3rd-party site) is covered
with any sensible pen-tester NDA (and related work).
(Though professional pentesters might have their own set of rainbow-tables)
So, this is a good reason, still.
cheers,
Rainer
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]