Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Bestcrypt brute force

from [Javier Sanchez] Network Security [Permanent Link]
Subject: Bestcrypt brute force
Date: Thu, 25 Nov 2004 11:39:12 +0100 


Hi all,

i need to test the encryption of a bestcryt container, i thought that
some brute force test will be enough. I have found a program for win
that does exactly what im looking for but the creator website is down.
Does anyone know Bestcrypt Brute Forcer ?? And any alternative download
sites ??


Cheers

Javier Sanchez
sjllera@ya.com


On Tue, 2004-11-23 at 14:18, Raphaël Rigo ML wrote:

Davide wrote:


Hi everybody. would you please give me some hints for the followin 
situation?
In a win-based network, a folder contains some documents
that have to be made available to company employees when
they are not in the HQ but they are in a local branch office
this is currently implemented by a FTP server (win 2kserver); the ftproot 
is the root dir of the documents.
the server is connected to internet:

(internet)---(router)---(firewall)---(LAN)---(server)

employees access from a remote location office using their win logon 
credentials (no anonym access is provided). The local branch office acceses 
internet with a dinamic IP provided by ISP. What security concerns are 
rised in this setting? Should I use a DMZ, using the server to provide FTP 
services and moving the ftproot folder to another server INSIDE the DMZ 
(linked to a shared folder)?
How can I overcome the problem that FTP passwords are transmitted not 
enchrypted? Should a VPN between HQ provide the panacea for these problems?

thanks in advance
davide

Hello,
The problem is that (if I understand your network correctly), everybody 
in the lan is able to sniff the passwords as they are transmitted in 
plaintext. One of the easiest ways to get more security without changing 
  your network would be to use a TLS/SSL enabled FTP servers, along with 
clients supporting this.
I am not aware of any TLS enabled FTP server for windows licensed under 
a free license but a good commercial one is Blackmoon Ftp Server.
For the clients, still on Windows, I can only recommend FileZilla 
(http://filezilla.sf.net) which is a really good FTP/SFTP Client 
licensed under the GPL.

I hope this helps.
Raphaël
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: studying guide/book for CISSP, Penetration Test
Next by Date:  Re: Documentation on HPOV - NNM, cheokho
Previous by Thread:  Re: securing an FTP service, Raphaël Rigo ML
Next by Thread:  Re: Bestcrypt brute force, GuidoZ
Indexes:  [Date] [Thread] [Top] [All Lists]