July 25th, 2004, 02:44 AM
How do i scan my box
Hello, I am just wondering if it is possible to scan my computer from my computer. What i mean is can i use nmap angry ip scanner, and scan my computer from the same computer? Also is there a way to use brute force to check my password strength before logging in? maybe if they were on disk. thankyou
July 25th, 2004, 02:54 AM
Yes you can use nmap on yourself. I've always had problems using 127.0.0.1 or localhost, I've always used my network address. And your password strength can be judged by looking at it. Is is a single word? Is it multiple words? Is it random? Does is include caps and lower caps? Extra characters like !@#$? The crazier your pass, the longer it will take a cracker to guess it.
Also try retina from eeye.
July 25th, 2004, 03:03 AM
That was fast thanks. I have like a 17 digit pass with upper and lower case and also
extra characters @#%$&_~ I would like to test it but dont know how to.
July 25th, 2004, 03:17 AM
I would use John the ripper for that.
Before you try to use it look over the Read Me file
July 25th, 2004, 03:18 AM
According to this, youve got nothing to worry about then when it comes to your password.
July 25th, 2004, 07:19 AM
I don't think that you can perform a meaningful test on that sort of password. It is too long and too complicated.
I have like a 17 digit pass with upper and lower case and also extra characters @#%$&_~ I would like to test it but dont know how to.
Certainly, a "dictionary" attack would fail, and 17 characters would take a very long time to brute force. In brute forcing, the length of a password is the critical factor, all else being equal.
I would suggest that if you really want to test it, you change the password to something simple like dcba, to prove that the tool works. Then change it back to your real password, and cancel the job when you get bored.
July 25th, 2004, 08:05 AM
Yes you can use NMap to scan yourself you can use any IP scanner or port scanner on yourself and why is the name of your post Xbox something...
July 25th, 2004, 08:30 AM
jr05linux: If I'm seeing what you aren't, the name of the thread say's "How do i scan my box". Anyway's I'll second using Retina, it's one of my favorite Network Vulnerability scanner's and I use it with all my client's who want to know if they have a "secure box" or not. It's probably one of the best on the Window's market (aside from NMap, but that's more of a port scanner). Definitely check that out.
July 25th, 2004, 04:04 PM
I don't know what OS t00tYfrUitY is using, but "most" OS have a set number for the default password. Am I wrong to state that if you go over that number, then the rest is garbage? If someone wants to break your password and the limit on the password is 7, then adding 10 more numbers(characters etc.) is not going to make it any harder? Would not the cracking program stop when it found the password and not keep trying all of the extra garbage?
July 25th, 2004, 04:29 PM
1. The default password is set by the supplier, and could be anything. Not neccesarily the maximum. Generally much smaller and easy to remember.
2. Several things can happen if you exceed the maximum password length:
A. Nothing............it just stops.
B. It may start overwriting the first part of the pass with excess characters.
C. You get an error message.
D. It shows the extra characters, but does not recognise them.
My XP box has a 19 character pass, and I think that it will go higher.
If your OS will only accept 7 characters I would you format the HDD and install a proper one (OS)
Please don't get confused with the "pseudo-passwords" that are in "home" versions of Windows, they are NOT a security measure, they are just there to make it easier to cater for multiple users of the same stand alone machine.