
Re: Using John the Ripper with Heimdal




Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:

>>How about posting the reference?  I can't find it, and it's not at all
>>clear to me what the patch expects.  Also it seems only to deal with
>>DES3.
>
> I was curious about that as well.  AFAICT, it wants encrypted TGTs off
> the wire (I'm not sure if it just wants the encrypted part, or the
> whole thing); well, I guess technically a TGT itself isn't useful for
> a password cracker, it probably wants an AS-REP.
>
> This would be useful if you were an attacker and were sniffing the wire
> for responses from the KDC.  It's not so useful if you're an admin and
> want to run it against an existing database.
>
> Personally, I think running cracklib during password changes is a lot more
> effective (you _do_ have a password changing policy, don't you? :-) ).

Sure we do, but I don't like cracklib very much, I think it's too nice. Any
other tools people are using?

Love
