SAINT?

Support for security such as Firewalls and securing linux
Post Reply
vap0rtranz
Posts: 6
Joined: 2007/09/13 23:15:40
Contact:

SAINT?

Post by vap0rtranz » 2007/11/15 05:31:05

What are we suppose to use nowadays for password testing? Saint? Satan? Crack??

I've inherited a web server that was just hacked into and my hunch is weak passwords (on the customer end). PAM will fix this for new accounts but I wanted to also know how to test the old ones ... maybe narrow down the list or something less global than a "Everyone's password has expired. Change it NOW!" :)

pjwelsh
Posts: 2598
Joined: 2007/01/07 02:18:02
Location: Central IL USA

SAINT?

Post by pjwelsh » 2007/11/15 13:21:25

http://freshmeat.net/search/?q=password+cracker&section=projects&Go.x=0&Go.y=0

But "John the Ripper" works well http://www.openwall.com/john/

vap0rtranz
Posts: 6
Joined: 2007/09/13 23:15:40
Contact:

Re: SAINT?

Post by vap0rtranz » 2007/11/16 04:23:56

hah! "Bob the Butcher" ... wow. So John's still out there? It always seems like these things were suppose to be deprecated by another one down the pipe ...

Anyways, I wasn't necessarily looking for password "recovery". More like door knocking on websites to see if customers are using something like "password" for their password so we can tell just the weak ones to reset.

pjwelsh
Posts: 2598
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: SAINT?

Post by pjwelsh » 2007/11/16 15:15:35

http://freshmeat.net/search/?q=security+auditing&section=projects&Go.x=0&Go.y=0
may provide more like what you may want.

Post Reply

Return to “CentOS 4 - Security Support”