[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using John the Ripper with Heimdal

Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:

>>How about posting the reference?  I can't find it, and it's not at all
>>clear to me what the patch expects.  Also it seems only to deal with
> I was curious about that as well.  AFAICT, it wants encrypted TGTs off
> the wire (I'm not sure if it just wants the encrypted part, or the
> whole thing); well, I guess technically a TGT itself isn't useful for
> a password cracker, it probably wants an AS-REP.
> This would be useful if you were an attacker and was sniffing the wire
> for responses from the KDC.  It's not so useful if your an admin and
> want to run it against an existing database.
> Personally, I think running cracklib during password changes is a lot more
> effective (you _do_ have a password changing policy, don't you? :-) ).

Sure we do, but I don't like cracklib very much, it think its too nice. Any
other tools people are using ?


PGP signature