|
Capturing user ids and passwords is very easy. You have to worry about someone on your LAN. For internet access, your ISPs LAN or your corporate ISPs LAN. They can also be captured on the LANs between your ISP and your corporate ISP. If your employees use large reputable ISPs you should have no problem. It is those little ISPs run out of a garage that have me worried. Try a TRACERT from your home to your company and see how many hops, (LANs), you go through. I get from Santa Rosa to Rohnert Park via LA. Christopher K. Bipes mailto:ChrisB@Cross-Check.com Sr. Programmer/Analyst mailto:Chris_Bipes@Yahoo.com CrossCheck, Inc. http://www.cross-check.com 6119 State Farm Drive Phone: 707 586-0551 x 1102 Rohnert Park CA 94928 Fax: 707 586-1884 *Note to Recruiters I nor anyone that I know of is interested in any new and/or exciting positions. Please do not contact me. -----Original Message----- From: Dan Bale [mailto:dbale@genfast.com] Sent: Tuesday, September 21, 1999 9:40 AM To: MIDRANGE-L@midrange.com Subject: RE: AS/400 on alt.hacker Ed, Thanks for the post. I had not seen this before, so this was news to me. I, and I think others on this list, are waiting to see if anyone takes up the "challenge" of cracking the AS/400 user ID and password, as offered by Leif(?). How high do you think IBM would jump if this were accomplished? But you got me thinking about using Remote Client Access to connect to an AS/400 through an ISP from home. From what I understand, this is all unencrypted, so anyone using "packet capture software" should be able to pick up my user ID and password with little difficulty. However, how will anyone know to "capture" _my_ connection? Would the person capturing be "sitting/waiting" on the AS/400-side of the transmission or would he have to be monitoring my end of the connection? If the latter, what are the chances that someone would know that I do this? It's not like I put a sign out in front of my house advertising this fact. I do an awful lot of surfing, so a "cracker" would have to have a pretty boring life waiting around for me to connect to our AS/400 from home. - Dan Bale ____________________ Original Message ______________________ I have not seen this info posted here, if I am repeating someone else I apologize. There is software called l0phtcrack. This software can obtain most passwords on an NT domain within 60 seconds if the user can access the registry, sams file, or password file. It can obtain passwords by just listening on the network without signing on by using SBM packet capture. What does this matter on the AS/400? If you are like many organization, your users have the same password on the network as the AS/400. If a hacker can hack at a weaker NT platform for a password, he can usually use it on more secure platforms such as the AS/400. The site is at http://www.l0pht.com/ In some cases the AS/400 is easier to capture passwords on. If you are using Telnet, FTP, or using a router such as NetSoft Elite, or NetWare SAA to connect to the AS/400, then your passwords are probably going over the wire without any encryption. I have successfully captured user ID's and Password by using a packet capture software. The capture is in ASCII format, so I convert it to EBCDIC and I have the user ID/Password. PS:I am involved in securing my network, not in breaching others. +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.