[unisog] Password auditing
Peter Van Epp
vanepp at sfu.ca
Fri Jul 1 17:52:31 GMT 2005
On Fri, Jul 01, 2005 at 10:25:57AM -0700, Dave Dittrich wrote:
> > Both Steve and Dave make good points about dictionary based auditing
> > but I worry that that would not have helped in our case earlier in
> > the week. Dictionary based attacks and defences are only as good as
> > the dictionaries you have access to and unless you can add in what
> > the latest attack tools are using you are going to miss things.
> > Hmmm... Dave do you know if anyone collects these lists and colates
> > them? I've go one hot from the forensics ;)
There is a good whack of them still on ftp.ox.ac.uk in /pub/wordlists.
I don't know if it is being kept up though (my original reference is from 1996).
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the unisog