Results 1 to 5 of 5

Thread: Could detect any password cracking on Windows

  1. March 10th, 2005, 07:11 AM #1
    acera
    acera is offline
    Junior Member
    Join Date
    Feb 2005
    Posts
    1

    Could detect any password cracking on Windows

    Is there any program scripting that could detect or alert any password cracking, so that the owner could realize it?How?What progamming tools that is suitable to use?
    Reply With Quote Reply With Quote
  2. March 10th, 2005, 10:33 AM #2
    XTC46
    XTC46 is offline
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Are you asking if it is possible to notice somone trying to crack your password in real time? or to notice if somone ALREADY cracked your password?

    if it is the first than its kind of a tricky question. It depends on the system. In many cases the person doing the cracking will use another account (say the guest account or other limited account) and then get the password file (sam for windows, shadow for nix) and then run the attack on their machine this way they can do it at their own pace and not worry about as many logs. If they do attack it while its on the machine then your logs will clearly show MANY failed attempts. SAme goes if it is attacking say a pop account or something. the logs will show "X failed attempts"

    if you are asking if it possible to tell if somone has already cracked your password then it can be hard. Sometimes new accounts have been created, your password has been changed, and other out of the ordinary activity is occuring. Changing my password would be the first thing I did after checking for malware on the machine (no sense in changing it if the attacker has a key loger).
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com
    Reply With Quote Reply With Quote
  3. March 10th, 2005, 10:35 AM #3
    SirDice
    SirDice is offline
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    If you mean someone bruteforcing a login, check your logs. Note the amount of failed attempts. Any decent OS will have these types of logs.

    For windows NT/2K/XP etc. you'll have to enable auditting. It isn't switched on by default.

    Any OS in perticular?
    Oliver's Law:
    Experience is something you don't get until just after you need it.
    Reply With Quote Reply With Quote
  4. March 10th, 2005, 02:28 PM #4
    Timmy77
    Timmy77 is offline
    Member
    Join Date
    Dec 2003
    Posts
    97
    The other challenge is that a popular way to crack windows passwords is by extracting the hashes from the SAM or the cached domain passwords (see IronGeek's post here http://www.antionline.com/showthread...hreadid=266698 )

    Cracked passwords using either of these methods are undetectable, since the cracking occurs "off-line."
    Reply With Quote Reply With Quote
  6. March 10th, 2005, 03:09 PM #5
    SirDice
    SirDice is offline
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Yep. That's why you need to change your passwords on a regular basis. If the (offline) cracking takes longer then your password age you'll have nothing to worry about.

    You can calculate the strenght of your passwords relatively easy. You must adjust the password age accordingly.
    Oliver's Law:
    Experience is something you don't get until just after you need it.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules