Page 69 - DCAP516_COMPUTER_SECURITY

Unit 6: User Authentication




               Rainbow tables: These days, password crackers are computing all possible passwords and
               their hashes in a given system and putting the results into a lookup table called a rainbow
               table. When an attacker extracts a hash from a target system, he or she can simply go to the
               rainbow table and look up the plaintext password. Some crackers (and Web sites) can use
               rainbow tables to crack any LM hashes in a couple of seconds. You can purchase very large
               rainbow tables, which vary in size from hundreds of megabytes to hundreds of gigabytes,
               or generate your own using RainbowCrack (http://www.antsight.com/zsl/rainbowcrack).



             Did u know?  Rainbow tables can be defeated by disabling LM hashes and using long,
            complex passwords.
               Password sniffing: Some password crackers can sniff authentication traffic between a
               client and server and extract password hashes or enough authentication information to
               begin the cracking process. Cain & Abel both sniffs authentication traffic and cracks the
               hashes it retrieves. Other sniffing password crackers are ScoopLM
               (http://www.securityfriday.com/tools/ScoopLM.html) and KerbCrack
               (http://ntsecurity.nu/toolbox/kerbcrack), a sniffer and cracker for Kerberos
               authentication traffic. None of these can crack NTLMv2 authentication traffic.
          4.   Password Capturing: Many attackers capture passwords simply by installing a keyboard-
               sniffing Trojan horse or one of the many physical keyboard-logging hardware devices for
               sale on the Internet. Symantec reports that 82 percent of the most commonly used malware
               programs steal confidential information. Most steal passwords. For a modest sum,
               anyone can buy a keystroke logger that can log more than 2 million
               keystrokes. Physical keyboard-logging devices less than an inch long can easily be slipped
               between the keyboard cord and the computer’s keyboard port. And let’s not forget how
               easy it is to sniff passwords from wireless keyboards, even from a city block away.

          6.3.2 Password Selection Strategies

          The importance of picking a good, secure password can’t be emphasized enough. Your password
          is the way the computer verifies that someone logging in is really you, so pick something that
          cannot be guessed by others. The top reason people gain unauthorized access to a
          password-protected system is that they guessed someone’s password. (Often because they found
          it on a piece of paper next to the victim’s computer or because they saw the person type the
          password in, but also because they use software programs that are VERY good at guessing
          common passwords.) A password that is too short is too easy to guess. If the password is
          8 random characters, it is impossible to crack the password. In order to eliminate guessable
          passwords, four basic techniques are suggested:
          1.   User education
          2.   Computer generated password
          3.   Reactive password checking:
               (i)  The system periodically runs its own password cracker to find guessable passwords.
               (ii)  The system cancels passwords that are guessed and notifies user.
               (iii)  Consumes resources.
               (iv)  Hackers can use this on their own machine with a copy of the password file. Can
                    they get the password file?
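
Reactive password checking as described in item 3, written as an added example (not code from this text): the system audits its own password store, expires every password it can guess, and counts the hash computations that make up the resource cost in point (iii). The salted PBKDF2 record layout, the function names, the wordlist and the accounts are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 1_000  # assumption: kept low so the demo is fast; real stores use far more

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_record(user, password):
    """Hypothetical record layout: user, per-user salt, salted hash, expiry flag."""
    salt = os.urandom(16)
    return {"user": user, "salt": salt, "hash": hash_password(password, salt), "expired": False}

def candidates(user, wordlist):
    """Yield guessable passwords: the user name, dictionary words, common variants."""
    seen = set()
    for base in [user, *wordlist]:
        for word in (base, base.capitalize(), base[::-1]):
            for suffix in ("", "1", "123", "!"):
                guess = word + suffix
                if guess not in seen:
                    seen.add(guess)
                    yield guess

def audit(store, wordlist):
    """Expire each guessed password; return (users to notify, hashes computed)."""
    flagged, work = [], 0
    for rec in store:
        for guess in candidates(rec["user"], wordlist):
            work += 1  # point (iii): every guess costs one full hash computation
            if hmac.compare_digest(hash_password(guess, rec["salt"]), rec["hash"]):
                rec["expired"] = True        # point (ii): cancel the guessed password
                flagged.append(rec["user"])  # point (ii): queue the user for notification
                break
    return flagged, work

# Constructed sample data: accounts, passwords and wordlist are made up for this example.
WORDLIST = ["password", "letmein", "dragon", "qwerty"]
STORE = [
    make_record("alice", "Dragon123"),
    make_record("bob", "bob1"),
    make_record("carol", "t7#Vq9!xLp2w"),
]

if __name__ == "__main__":
    notify, cost = audit(STORE, WORDLIST)
    print("notify:", notify, "| hash computations:", cost)
```

Because each record has its own salt, every candidate must be hashed again for every account, so the audit cost grows with accounts times candidates.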



                                           LOVELY PROFESSIONAL UNIVERSITY                                   63