[Dshield] Password Cracking Software

Scott Melnick duckie37 at gmail.com
Sat Feb 24 18:04:37 GMT 2007


I always thought Ophtcrack was a boot CD. But anyways, Have you tried
adding the pwdump in the symantec File Exclusion for the system auto
protect? If you use the SAV server I think you can put that exclusion
and more in for all your AV clients.

Cheers,
Scott Melnick

On 2/23/07, David Taylor <ltr at isc.upenn.edu> wrote:
>
> To add a bit more information to this so folks get an understanding at what
> I am trying to get at.  A while back we were looking at having IT folks here
> at Penn use password cracking software against various systems as part of a
> security assessment.  L0phtCrack was a legitimate application (legit in this
> case means Symantec didn't detect it as evil). We were planning on talking
> to @Stake about a site license. If we are going to make recommendations of
> specific software to use in reality it can't be one that would be detected
> by AV software by default.
>
> Since Rainbow Tables is the big thing now I downloaded Ophtcrack and as soon
> as I began the install it pwdump was detected by Symantec. So, if we
> recommend software to our Penn IT Community we really can't tell them they
> need to stop the AV software from detecting it.  If that makes sense.
>
> ==================================================
> David Taylor //Sr. Information Security Specialist
> University of Pennsylvania Information Security
> Philadelphia PA USA
> (215) 898-1236
> http://www.upenn.edu/computing/security/
> ==================================================
>
>
> -----Original Message-----
> From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
> On Behalf Of David Taylor
> Sent: Friday, February 23, 2007 2:16 PM
> To: General DShield Discussion List
> Subject: [Dshield] Password Cracking Software
>
>
>
> Hi all,
>
> Since @Stake was acquired by Symantec L0phtCrack is no longer available.  As
> far as I know it was the only professional quality (with support, etc)
> software available for this purpose.  Does anyone know of other software
> that would fit this bill?
>
> I know there are a lot of applications out there such as John the Ripper,
> Cain, etc but we are looking for one that would, by default, not get
> detected by Anti-Virus software.
>
> ==================================================
> David Taylor //Sr. Information Security Specialist
> University of Pennsylvania Information Security
> Philadelphia PA USA
> (215) 898-1236
> http://www.upenn.edu/computing/security/
> ==================================================
>
>
> _________________________________________
>
> SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> taught by our top rated instructors plus a huge vendor tools expo.
> Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
>
>
>
> _________________________________________
>
> SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> taught by our top rated instructors plus a huge vendor tools expo.
> Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
>


More information about the list mailing list