|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Valdis.Kletnieks
vt.edu
Date: Thu Feb 04 2010 - 09:52:32 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 03 Feb 2010 23:02:20 +0100, Christian Sciberras said:
> Actually dictionary attacks seem to work quite well, especially for common
> users which typically use dictionary and/or well known passwords (such as
> the infamous "password").
> Another idea which seems to be cropping in, is the use of hash tables with a
> list of known passwords rather then dictionary approach.
> Personally, the hash table one is quite successful, consider that it targets
> password groups rather than a load of wild guesses.
Correct - the point is those are *clever* ways to break an MD5 hash of a
password, rather than a brute-force attack. They work in several days rather
than several thousand times the age of the universe precisely because they're
clever.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFLau1AcC3lWbTT17ARAvtbAJ9mYx6RqvLLm6E9W/OIjIhr0uGMaACfTham
unuytr3Zw7GL8wpVFlBKjDc=
=QJIi
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]