Page 160 - CISSO_Prep_ Guide
Password Cracking
One of the easiest ways to penetrate a system is by learning the
password of an authorized user. This can sometimes be done
with little or no technical skill since many users do not realize
the importance of keeping their password secret. A part of every
awareness program should be to remind users that the reason to
protect their password is so that they will not be blamed for
something someone else has done using their account! Users
often write passwords down or choose weak passwords that can
be easily guessed or broken. Over the years, numerous password
cracking tools have been available, such as L0phtCrack and John
the Ripper. Today there are many ways to circumvent a
password using tools such as Cain and Abel, or Helix.
Dictionary Attacks
Many people choose a password from a list of common words.
Even if they substitute numbers for letters (3 for 'e', 0 for
'o', etc.), most dictionary-based password tools will make the
same substitutions. A dictionary attack is based on a list of
common words that the tool will hash to attempt to find a
matching password hash value in the password file (the SAM file
for Windows).
Since a password is usually stored as a hash value and not
in cleartext, the dictionary attack tries to find the
word that, when hashed, will give the same hash value. The
attacker then knows what password they must enter to log onto
the system. This is one reason to protect the password file - to
prevent an attacker from taking a copy of the file and running an
attack against it to learn the password values.
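The point about substitutions can be turned into a check applied when a user chooses a password. The following is an added example, not part of the original guide: it undoes common letter-for-number substitutions and rejects a password that reduces to a common word. The word list, the substitutions beyond 3 for 'e' and 0 for 'o', and all function names are assumptions made for illustration.

```python
import re
from typing import Optional

# Constructed sample list; a real check would load a large common-word list.
COMMON_WORDS = {"password", "welcome", "dragon", "letmein", "monkey", "secret"}

# Substitutions to undo. The page names 3 -> e and 0 -> o; the remaining
# entries are assumptions added for illustration.
SUBSTITUTIONS = str.maketrans({
    "3": "e", "0": "o", "1": "l", "4": "a",
    "5": "s", "7": "t", "@": "a", "$": "s",
})

# Digits and punctuation commonly added before or after a base word.
PADDING = re.compile(r"^[\d\W_]+|[\d\W_]+$")


def candidate_forms(password: str) -> list:
    """Return the base-word forms a dictionary tool would effectively cover."""
    lowered = password.lower()
    stripped = PADDING.sub("", lowered)
    # Undo substitutions on both the full string and the padding-free string,
    # so "1etmein" and "dr4g0n2024" are each reduced to a plain word.
    return [lowered.translate(SUBSTITUTIONS), stripped.translate(SUBSTITUTIONS)]


def matched_word(password: str) -> Optional[str]:
    """Return the common word this password reduces to, or None."""
    for form in candidate_forms(password):
        if form in COMMON_WORDS:
            return form
    return None


def review(passwords):
    """Map each proposed password to the dictionary word it matches, if any."""
    return {p: matched_word(p) for p in passwords}


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw, word in review(["P@ssw0rd!", "S3cr3t", "dr4g0n2024", "tr0ub4dor-staple-xk"]).items():
        print(f"{pw!r}: {'reject, based on ' + word if word else 'no dictionary match'}")
```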