Combating Dictionary Attacks
Password attack is a generic term used to describe various activities
attempting to crack, alter, delete, or tamper with a system's password
database in order to break into it or jeopardize its security. A
dictionary attack, however, is a special type of password attack. It
attempts to "reverse engineer" users passwords on a given machine.
How does a dictionary attack actually work?
Linux uses the DES algorithm, which is not invincible, to encrypt
users' passwords. As Linux requires relatively short passwords, users
often choose passwords that are easy to guess. A dictionary attack
takes advantage of these factors in order to crack passwords.
Attackers use a dictionary, or a list of words, and encrypt them using
the DES algorithm. A typical word list might contain the entire Webster
dictionary or similar corpuses of nouns, adjectives, and proper names.
Sophisticated software tools, such as Crack, manipulate the words in a
dictionary by reversing and chopping them, affixing numbers to their
ends, changing letters' case, etc.... Crack can transform each word
into no less than 4096 distinct strings! After generating all the
permutations, the password-cracking tool encrypts them using the DES
algorithm and compares the result with the list of encrypted passwords
located at /etc/passwd on the target host. Using a fast machine and
clever password-cracking tools, cracking a password takes a matter of
minutes.
How can you protect your system from such dictionary attacks?
As always, avoid passwords that are too easy to guess. Several
utilities enable a system administrator to enforce strict password
policies by disabling short passwords or disabling nouns and proper
names altogether. A password that consists of a combination of random
letters, special characters, and numbers is less susceptible to
dictionary attacks. Remember to also change passwords frequently.
Finally, use additional user authentication means and protection
measures such as disabling inactive accounts, intrusion detection
utilities, and restricted authorizations.
» posted by ITworld staff
ITworld
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
