Password Cracking

Password cracking is sometimes called a dictionary-based attack. Password crackers are programs that decipher password files. Password-cracking programs are available for most network and computer operating systems. They are able to decipher password files by utilizing the same algorithm used to create the encrypted password. They generally employ a dictionary of known words or phrases, which are also encrypted with the password algorithm. The password crackers compare each record in the password file against each record in the dictionary file to find a match. When a match is found, a password is found.

The source code for password-cracking programs for most computer and network operating systems (NOSs) is easily available on the Web at sites such as http://www.L0pht.com. Some of the programs available on the Web include Brute, CrackerJack, John The Ripper, and NewHack.
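An added example, not from the original text: the dictionary comparison described above, written as a defender's audit that flags accounts whose stored password hash matches a dictionary word. The record layout, the salted PBKDF2-HMAC-SHA256 scheme, the iteration count, and all sample users and passwords are constructed assumptions.

```python
import hashlib
import hmac

# Assumption: low iteration count so the example runs quickly; use far more in production.
ITERATIONS = 10_000


def hash_password(password: str, salt: bytes) -> bytes:
    """Apply the same algorithm the system uses when it stores a password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_record(user: str, password: str, salt: bytes) -> dict:
    """Build one password-file record (hypothetical layout: user, salt, hash)."""
    return {"user": user, "salt": salt, "hash": hash_password(password, salt)}


def audit(records: list, dictionary: list) -> dict:
    """Return {user: word} for each record whose stored hash matches a dictionary word.

    Every dictionary word is hashed with the record's own salt and compared
    against the stored hash. Because salts differ per record, the work must be
    repeated for every account instead of hashing the dictionary once.
    """
    weak = {}
    for rec in records:
        for word in dictionary:
            candidate = hash_password(word, rec["salt"])
            if hmac.compare_digest(candidate, rec["hash"]):
                weak[rec["user"]] = word
                break
    return weak


# Constructed sample data: a small word list and three accounts.
DICTIONARY = ["password", "letmein", "dragon", "sunshine"]
RECORDS = [
    make_record("alice", "sunshine", bytes.fromhex("00112233445566778899aabbccddeeff")),
    make_record("bob", "V7#qLw9!tz-Rk2", bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")),
    make_record("carol", "letmein", bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")),
]

if __name__ == "__main__":
    for user in audit(RECORDS, DICTIONARY):
        print(f"{user}: password is a dictionary word; require a reset")
```

Accounts whose passwords are not in the word list, such as the constructed "bob" record, are never matched, which is why rejecting dictionary words at password-set time defeats this comparison.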

Social Engineering

Social engineering, which refers to the nontechnical methods hackers employ to gain access to systems, can be amazingly effective. Social engineering usually refers to the process of convincing a person to reveal information (such as a password) that enables the hacker to gain access to a system or network.

Under the typical scenario, hackers obtain a company phone directory and call an unsuspecting employee, claiming to be calling from the company IS department. The hacker, who may even use the name of someone in the IS department, might say that there is a problem and ask the employee to enter a long series of obscure commands to check the problem. The employee enters the commands, which do not seem to work, while the phony IS employee pretends to get increasingly exasperated with the employee. The targeted employee feels pressured by his or her seeming failure to enter the commands correctly, and finally, the phony IS employee says something like, "Just give me your password so that I can check it myself and we can get this problem resolved." Subsequently, the employee reveals his or her password to the hacker, thinking the hacker is a company IS employee. As simple as that, the hacker now has a username and password and access to the company system. It is amazing how many times I have heard of this approach being successful.

It is important for every organization to have a policy regarding the disclosure of passwords. Generally that policy should state that passwords are not to be disclosed to anyone, including IS personnel. That policy should be communicated to all company employees.

Another method commonly employed by hackers is referred to as dumpster diving. Dumpster diving may not officially fall under the category of social engineering, but it certainly is low-tech. Dumpster diving refers to the process of gathering information by going through garbage. Computer printouts are of particular value in dumpster diving. Hackers look for information such as system account names, source code (particularly if it has passwords hardcoded), or customer account numbers (for financial institutions). It is important that an organization has proper controls for the disposal of hardcopy records and files. The controls should be codified in a formal policy.
