: [EMAIL PROTECTED]
Subject:Re: NT password encryption name service
Chris Hastings was incorrect in his calculation...
There are only two options in L0phtcrack with special characters, one
with
12
Make that (26 lowercase + 26 uppercase + 10 numerals + 12 special
characters)^8 with a total of
899
PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, December 20, 2000 7:52 PM
Subject: RE: NT password encryption name service
Using this password as an example (for length and character type),
the number of possibilities
would be (26 lowercase+26 uppercase+10 numerals+6 special
D];
[EMAIL PROTECTED]
Subject: RE: NT password encryption name service
No this is correct. The entire problem with NT's broken scheme hinges
on this. Longer passwords don't make safer passwords. Yech!
Graham, Randy \(RAW\) writes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The reason yo
nt: Friday, December 22, 2000 10:05 AM
To: Graham, Randy (RAW)
Cc: 'Chris Williamson'; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: RE: NT password encryption name service
No this is correct. The entire problem with NT's broken scheme hinges
on this. Longer passwords don't make safer
L PROTECTED]]
Sent: Thursday, 21 December 2000 4:37
To: Carl Ma; [EMAIL PROTECTED]
Subject: Re: NT password encryption name service
Precisely why you should run Windows 2000 networks in native
mode and use
Kerberos V5 as the preferred authentication method. The mixed
mode operation
snip
Finally, taking the opinion of Ben, you can set to your NT server to force
the users to write "complex passwords", you can download the tool passprop.
Over Windows 2000, you only need set your Local Security Police to
"complicate password".
/snip
Unfortunately, this leads to the practice
rom: Lance Ecklesdafer [mailto:[EMAIL PROTECTED]]
Sent: Thursday, 21 December 2000 4:37
To: Carl Ma; [EMAIL PROTECTED]
Subject: Re: NT password encryption name service
Precisely why you should run Windows 2000 networks in native
mode and use
Kerberos V5 as the preferred authentic
PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: NT password encryption name service
Hi Folks
I am not sure if Lance used L0pht tool to crack the traffic over the
network. If it is so, Lance can set the level encryption over his network by
setting the types of challenge-response authentication. You can go
The Kerberos stuff is only a replacement for the venerable NTLM and even
more venerable Lanmanager. It is my impression that the SAM was still
stored in the same hashing manner in Win2K unless you use the strong
encryption
option for the entire SAM (which is a pain).
L0phtcrack will work on any
: RE: NT password encryption name service
Using this password as an example (for length and character type), the
number of possibilities
would be (26 lowercase+26 uppercase+10 numerals+6 special characters)^8
(assuming that the
period at the end of the sentence isn't part of the password
Is there an echo in here ... ?
Lance
- Original Message -
From: "Jeff Deitz" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, December 21, 2000 11:43 AM
Subject: RE: NT password encryption name service
The Kerberos stuff is only a replacement for the venerable NTL
ting topic.
Lance
- Original Message -
From: "Lance Ecklesdafer" [EMAIL PROTECTED]
To: "Jeff Deitz" [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, December 21, 2000 6:39 PM
Subject: Re: NT password encryption name service
Is there an echo in here ... ?
You must have had very few users or an extremely powerfull server to crack
by brute force the passwords. The password you referenced has 4 of the
recommended characters I wish every user used. Upper and lower case
characters, special characters, and numbers. What cracking software did you
use to
://www.imsidc.com/
+
-Original Message-
From: Bobby Brown [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 20, 2000 12:15
To: '[EMAIL PROTECTED] '
Subject: RE: NT password encryption name service
You must have had very few users
What type of system were you running the cracking algorithm? How long did
it take for your system to brute force the complicated (X1#!h0a_) password?
Darich
-Original Message-
From: Carl Ma [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 20, 2000 9:00 AM
To: [EMAIL PROTECTED]
Using this password as an example (for length and character type), the
number of possibilities
would be (26 lowercase+26 uppercase+10 numerals+6 special characters)^8
(assuming that the
period at the end of the sentence isn't part of the password). This is a
total of 457,163,239,653,376
Precisely why you should run Windows 2000 networks in native mode and use
Kerberos V5 as the preferred authentication method. The mixed mode operation
of this DC (In Windows 2000 there is no PDC or BDC .. all controllers are
equal peers). You cannot run a Windows 2000 domain in native mode untill
What kind of tool did you use to run it?
TIA
Guzheng
From: "Lance Ecklesdafer" [EMAIL PROTECTED]
To: "Carl Ma" [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: NT password encryption name service
Date: Wed, 20 Dec 2000 13:06:43 -0500
Precisely why you should run W
gy
Marconi Services
Network Integration Specialist
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
-Original Message-
From: Lance Ecklesdafer [mailto:[EMAIL PROTECTED]]
Sent: Thursday, 21 December 2000 4:37
To: Carl Ma; [EMAIL PROTECTED]
Subject: Re: NT password encryption name service
for it right now.
Thanks,
Lance
- Original Message -
From: "Ben Nagy" [EMAIL PROTECTED]
To: "'Lance Ecklesdafer'" [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, December 20, 2000 5:56 PM
Subject: RE: NT password encryption name service
Hi Lance,
The Kerberos stuff i
Nagy [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: NT password encryption name service
I agree with you Ben in that the best policy for a password is to make sure
that there are a large number of characters. The only problem is the
difficulty in getting management at most companies to go
21 matches
Mail list logo
