Symantec discontinuing L0phtCrack - now what?
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Symantec discontinuing L0phtCrack - now what?

  1. #1
    Senior Member genXer's Avatar
    Join Date
    Jun 2005
    Posts
    252

    Symantec discontinuing L0phtCrack - now what?

    Hello all-

    Well we, and I am sure many others, got a not so welcomed, yet not totally surprizing gift already... Symantec announced that it is discontinuing support for L0phtCrack. The message from the vendor:

    Dear LC Customer,

    The purpose of this letter is to notify you that Symantec Corporation is discontinuing its L0phtCrack (LC) product line and will no longer provide product code updates, enhancements or fixes to this product line.

    Key dates in this process are listed below.

    Last Order Date: February 28, 2006

    Last Ship Date: March 3, 2006

    Customer Help Until Date: December 16, 2006

    Symantec will continue to use reasonable commercial efforts to provide available customer support by email to US and Canada based customers who purchased L0phtCrack (LC) products through the dates indicated above. As a courtesy to LC customers, we offer customer help via email regarding product usability inquiries through December 16, 2006.

    An FAQ for Licensed Users of L0phtCrack (LC) Products is also attached to help answer commonly asked questions. If you have additional questions about our notification, please contact us by email at mailto:Americas-LCcustserv@symantec.com.


    Thank you for your support.

    Sincerely,

    Sales Operations
    Symantec Corporation


    FAQ for Licensed Users of L0phtCrack (LC) Products

    Question: What versions of the L0phtCrack (LC) product line are impacted by this Sunset Plan?
    Answer: All versions of LC product line are impacted as described in this notification to customers. Symantec will discontinue its sale of the current and previously available versions of the product as well as its provision of product upgrades, updates and fixes for all versions of the product effective per the dates mentioned above.

    Question: Why is the LC product line being discontinued?
    Answer: The LC product line no longer fits into Symantec?s future product strategy. As a result, Symantec will not be applying any future development resources to this product line and will discontinue all sales.

    Question: What form of customer support is available to licensed users/customers of LC products?
    Answer: LC Customers did not pay for technical product support as part of their LC license agreements, and Symantec does not offer technical support for this product line. Customers based in the US and Canada can inquire about general product use/usability by email to Americas-LCcustserv@symantec.com through December 16, 2006. Customers who re-install their licensed copy of LC and need an Unlock Code can submit an email request to Americas-LCcustserv@symantec.com with the following information through December 16, 2006:
    LC version number (2.5, LC3, LC4 or LC5):
    If LC5, please indicate if you've purchased the Professional or Administrator edition:
    LC Serial Number:
    Company Name:
    Complete Company Address (street, city, state/prov, zip/postal code):
    Company URL:
    Nature of Business:
    Commercial or Public Sector (if Public Sector, please specify government, military or police):
    Contact Name:
    Contact Phone Number:

    Question: Can LC licensed users continue to use LC products after this Sunset Plan notification has been sent to Customers?
    Answer: Professional and Administrator users have perpetual license to use the LC product they purchased. Consultant users have one year license from date of product receipt to use the LC product they purchased.

    Question: Where can the customer get more information about LC5 and the FAQ Documentation about the product?
    Answer: LC5 product information is available with the software installation of the product under the Help menu. Licensed LC customers may also submit product inquiries to Americas-LCcustserv@symantec.com with the following information through December 16, 2006:
    LC version number (2.5, LC3, LC4 or LC5):
    If LC5, please indicate if you've purchased the Professional or Administrator edition:
    LC Serial Number:
    Company Name:
    Complete Company Address (street, city, state/prov, zip/postal code):
    Company URL:
    Nature of Business:
    Commercial or Public Sector (if Public Sector, please specify government, military or police):
    Contact Name:
    Contact Phone Number:
    Now, for us as auditors or those as security admins that bought the LC line, we need to research and test alternatives; of course, based on the license, as noted above, we can continue to use the license based on our license category. We have worked a bit with John the Ripper:

    http://www.openwall.com/john/

    But I was wondering of other alternatives as well? Should we look for another commericial product or go open-source or both?

    So far I have found, but not tested:

    PWCrack: http://www.pwcrack.com/


    And I know of Brutus and Crack - any others worthwhile?

    Thanks much in advance!
    \"We\'re the middle children of history.... no purpose or place. We have no Great War, no Great Depression. Our great war is a spiritual war. Our great depression is our lives. We\'ve all been raised by television to believe that one day we\'ll all be millionaires and movie gods and rock stars -- but we won\'t. And we\'re learning slowly that fact. And we\'re very, very pissed off.\" - Tyler (Brad Pitt) Fight Club.

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Question: Why is the LC product line being discontinued?
    Answer: The LC product line no longer fits into Symantec's future product strategy. As a result, Symantec will not be applying any future development resources to this product line and will discontinue all sales.
    That's odd... Does this have anything to do with it?

    http://www.theregister.co.uk/2005/11...t_controversy/
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    http://www.lcpsoft.com/english/index.htm -- LCP

    LCP was released as an Alternative to LC5... It doesn't have the speed or all the features, but it's got some features that LC5 doesn't have.


    And while I don't have time to test and review them all... here's the list from http://www.cromwell-intl.com/securit...-sysaudit.html

    Password cracking tools have clever rules implementing what users once thought were really keen ways to build passwords. Assume your threats have Crack, with the most up-to-date Crack rule sets, dictionaries of terms specific to your organization (e.g., phone directory, list of project and product names, building names, etc), and possibly huge dictionaries in several languages.


    Password crackers and related tools:
    Cracking tools in general: http://www.packetstormsecurity.org/Crackers/
    Unix-based Cracking tools:
    http://www.packetstormsecurity.org/Crackers/crack/
    ftp://coast.cs.purdue.edu/pub/tools/...wdutils/crack/
    Crackerjack
    http://packetstormsecurity.org/Crackers/crackerjack.zip
    ftp://theta.iis.u-tokyo.ac.jp/pub1/s...ack-1.4.tar.gz
    Slurpie http://packetstormsecurity.org/distributed/slurpie.tgz
    John the Ripper for Unix: http://packetstorm.decepticons.org/C...ohn-1.6.tar.gz
    Qrack http://packetstorm.decepticons.org/C.../qrack-1.0.tgz
    Hades http://packetstorm.decepticons.org/Crackers/hades.zip
    Hellfire Cracker For an amazing one-line Perl implementation of a simple Crack for Unix, see: http://www.dcs.ex.ac.uk/~aba/crack.html
    Word lists in several languages:
    ftp://ftp.ox.ac.uk/pub/wordlists/ -- Czech, Danish, Turkish, Hindi, ...
    http://www.und.nodak.edu/org/crypto/crypto/words/ Croat, Finnish, Irish, Polish, ...
    Password Cracking Tools for NT:

    L0phtCrack is the standard NT password grabber and cracker. It's great stuff -- it can dump your password hashes and it can reverse-engineer your passwords.
    ftp://dot.ishiboo.com/users/tfish/l0phtcrack.tar.gz, or
    ftp://dot.ishiboo.com/users/tfish/l0phtcrack.zip.
    John the Ripper for Windows: http://packetstorm.decepticons.org/C...s/john-16w.zip
    NTSweep http://packetstorm.decepticons.org/Crackers/ntsweep.zip
    Crack for NT from Somarsoft is a Crack replacement for NT.
    Code for Crack for NT
    http://somarsoft.com/ntcrack.htm
    There is more on NTCrack at: http://www.secnet.com/ntinfo/ntcrack.html with full source code at: ftp://ftp.secnet.com/pub/tools/ntcrack
    For general NT password issues, see the NT Password FAQ at: http://www.ntbugtraq.com/.
    Password Appraiser is yet another NT cracker: http://www.quakenbush.com/default.htm
    Password Policy Enforcer is for NT from TP Information Systems: http://www.tpis.com.au/products/ppe/features.asp
    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  4. #4
    Senior Member genXer's Avatar
    Join Date
    Jun 2005
    Posts
    252
    That's odd... Does this have anything to do with it?
    Hmmm... meebe - it would be a crock if it is - but it looks logical - export, shm-export.

    HTRegz - cool - thanks - that helps!... Ahh crap:

    You must spread your AntiPoints around before giving it to HTRegz again.
    Well... here then:

    http://www.thesimpsons.com/mrx/index.htm
    \"We\'re the middle children of history.... no purpose or place. We have no Great War, no Great Depression. Our great war is a spiritual war. Our great depression is our lives. We\'ve all been raised by television to believe that one day we\'ll all be millionaires and movie gods and rock stars -- but we won\'t. And we\'re learning slowly that fact. And we\'re very, very pissed off.\" - Tyler (Brad Pitt) Fight Club.

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    I can also imagine MS waving the DMCA in Symantec's face and threatening to stop it's support for Symantec products.. I'll bet Symantec has access to (parts of) the windows source code.. Not having access would seriously hinder Symantec's development...
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6
    Member
    Join Date
    Jun 2005
    Posts
    55
    Hi,

    Wouldn't another reason be that the Rainbow project is nearly in which will seriously undermine password cracking as a pastime?

    Yurt Ennez
    No one can foresee the consequences of being clever.

  7. #7
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    I use 0phtCrack, the sourceforge answer to l0pht.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  8. #8
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    I think what TH meant was Ophcrack, which uses Rainbow tables and claims to be "the fastest Windows password cracker".

    Cheers,

    -jk
    TAZForum <---- click

  9. #9
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by tenzenryu
    Hi,

    Wouldn't another reason be that the Rainbow project is nearly in which will seriously undermine password cracking as a pastime?

    Yurt Ennez
    I don't think that particular project would put an end to any usefulness from LC5. Certainly, it might make the hybrid cracking obsolete, but a lot of the basic testing, real time analysis, and other features (go read the salesbrochure, if it still exists, for the salesbabblespeak) are not supplanted merely by access to a huge Rainbow table. My point is Implementation is more important than Insturmentation. LC5 can probably offer some things that rainbow can't.

    I still think it's a crock. Yet one more decent product ruined by Symantec's urge to ingest. They ruined the intelligence and analysis value of ISS. You watch...they are probably going to tank Veritas, too. *sigh*
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  10. #10
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    IIRC the pro and enterprise versions of LC5 contained rainbow tables. There were a couple of different versions of LC5. Not sure if it was actually named pro and/or enterprise but the more expensive ones had rainbow tables, I'm sure of that.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •