July 25th, 2004, 09:14 PM
nihil, I was talking about the size of the default password, not the password itself?
1. The default password is set by the supplier, and could be anything. Not neccesarily the maximum. Generally much smaller and easy to remember.
2. Yes certain things can happen if you exceed the set number, and some OS's can be changed, but I still don't see what will happen if you exceed the set number(concerning a cracking program)? You have to know what the number is(and change it if necessary) to take full advantage of it.
And yes, the OS's that I use do accept higher numbers, and are proper ones?
If your OS will only accept 7 characters I would you format the HDD and install a proper one (OS)
July 25th, 2004, 09:20 PM
I've nearly forgotten my 30 odd digit password a couple of times
July 25th, 2004, 09:56 PM
What I was saying is that the password is in the regular location (so the capacity is the regular size) but the "default" is something set by the manufacturer, and may be blank or a setting like "password" or whatever, even though it may be in a 30 digit field. A good system will make you set the password or change it, but this was not always the case. I can remember getting into IBM S\38s using the default System Security Officer's password
OK, regarding a cracking program, the first thing you need is the password field, so you will know how big it is "for real".
Then it works like I said, you will either have the password overwritten with the extra characters, starting at the front, or they will be ignored. In either case the BF cracker will look at what exactly is in the password field, and allows access.
I can remember cracking tools that only worked on 8 digits, and that wasn't that long ago..............so if you had a longer pass, the cracking tool wouldn't work...........hence the need to educate users on secure passwords
July 25th, 2004, 10:16 PM
Sure you can just download a portscanner. Then scan the localhost or 127.0.0.1. http://www.blackcode.com has some pretty nice port scanners. But NMap is the best ive ever used .