Password and user account exploitation is one of largest issues in network security. In this article you will look at password cracking: the how and why of it. It wiill explain just how easy it is to penetrate a network, how attackers get in, the tools they use, and ways to combat it.
Attacks on a company or organization's computer systems take many different forms, such as spoofing, smurfing, and other types of Denial of Service (DoS) attacks. These attacks are designed to harm or interrupt the use of your operational systems. This article deals with a single wide-spread form of attack known as password cracking.
Password cracking is a term used to describe the penetration of a network, system, or resource with or without the use of tools to unlock a resource that has been secured with a password. In this article I will take a look at what password cracking is, why attackers do it, how they achieve their goals, and what you can do to do to protect yourself. I will briefly take a look at the attackers themselves: their psychological makeup and their motives. Through an examination of several scenarios, I will describe some of the techniques they deploy and the tools that aid them in their assaults, and how password crackers work both internally and externally to violate a company's infrastructure. Finally, the article provides a checklist to help protect you from password cracking.
Before exploring the methods for doing this, let's first peer into the mind of the attacker and learn why they might want access to your network and systems.
Attackers: how and why they attack
There is an on-going debate about the definition of the word hacker. A hacker can be anyone with a deep interest in computer-based technology; it does not necessarily define someone who wants to do harm. The term attacker can be used to describe a malicious hacker. Another term for an attacker is a black hat. Security analysts are often called white hats, and white-hat analysis is the use of hacking for defensive purposes.
Attackers' motivations vary greatly. Some of the most notorious hackers are high school kids in their basements planted in front of their computers looking for ways to exploit computer systems. Other attackers are disgruntled employees seeking revenge on a company. And still other attacks are motivated by the sheer challenge of penetrating a well-secured system.
Methods of attack
Password cracking doesn't always involve sophisticated tools. It can be as simple as finding a sticky note with the password written on it stuck right to the monitor or hidden under a keyboard. Another crude technique is known as "dumpster diving," which basically involves an attacker going through your garbage to find discarded documentation that may contain passwords.
Of course attacks can involve far greater levels of sophistication. Here are some of the more common techniques used in password cracking:
* Dictionary attack
A simple dictionary attack is by far the fastest way to break into a machine. A dictionary file (a text file full of dictionary words) is loaded into a cracking application (such as L0phtCrack), which is run against user accounts located by the application. Because the majority of passwords are often simplistic, running a dictionary attack is often sufficient to to the job.
* Hybrid attack
Another well-known form of attack is the hybrid attack. A hybrid attack will add numbers or symbols to the filename to successfully crack a password. Many people change their passwords by simply adding a number to the end of their current password. The pattern usually takes this form: first month password is "cat"; second month password is "cat1"; third month password is "cat2"; and so on.
* Brute force attack
A brute force attack is the most comprehensive form of attack, though it may often take a long time to work depending on the complexity of the password. Some brute force attacks can take a week depending on the complexity of the password. L0phtcrack can also be used in a brute force attack.