[Dshield] Password Cracking Software

Tom dshield at oitc.com
Fri Feb 23 21:59:36 GMT 2007


At 4:37 PM -0500 2/23/07, David Taylor wrote:
>To add a bit more information to this so folks get an understanding at what
>I am trying to get at.  A while back we were looking at having IT folks here
>at Penn use password cracking software against various systems as part of a
>security assessment.  L0phtCrack was a legitimate application (legit in this
>case means Symantec didn't detect it as evil). We were planning on talking
>to @Stake about a site license. If we are going to make recommendations of
>specific software to use in reality it can't be one that would be detected
>by AV software by default.
>
>Since Rainbow Tables is the big thing now I downloaded Ophtcrack and as soon
>as I began the install it pwdump was detected by Symantec. So, if we
>recommend software to our Penn IT Community we really can't tell them they
>need to stop the AV software from detecting it.  If that makes sense.

Dave

Have you tried:

http://www.antsight.com/zsl/rainbowcrack/
or
http://www.oxid.it/cain.html

as alternatives.

Tom
-- 

Tom Shaw - Chief Engineer, OITC
<tshaw at oitc.com>, http://www.oitc.com/
US Phone Numbers: 321-984-3714, 321-729-6258(fax), 
321-258-2475(cell/voice mail,pager)
Text Paging: http://www.oitc.com/Pager/sendmessage.html
AIM/iChat: trshaw at mac.com
Google Talk: trshaw at gmail.com
skype: trshaw


More information about the list mailing list