Network Security: Detailed info on Re: Highlighting weak password dangers

Subject:	Re: Highlighting weak password dangers
Date:	Tue, 30 Jan 2007 00:00:26 -0700

Subject:

Re: Highlighting weak password dangers

Date:

Tue, 30 Jan 2007 00:00:26 -0700

out of curiosity - are you doing this as part of a security compliance
initiative? or just to present to your current user community the
importance of using strong passwords in adherence w/ security policy?

On 1/24/07, WALI <hkhasgiwale@gmail.com> wrote:

I want to highlight the danger of using weak passwords on servers and users
admin desktops. I have tested TSgrinder with a basic dictionary Brute Force
to access Remote Desktop exploit on both servers and desktops. The problem
here is that when connected to domain, the Account Lockout feature disables
the account quite soon. I can only show the exploit on machines not
connected to the domain where Domain Security policy doesn't flow down.

What are other interesting and intriguing ways to present this problem? I
also need a system to do Passwords Audit on my domain and make then 'secure
password' policy compliance.

--
DISCLAIMER
This message contains confidential information and is intended only
for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please notify
the sender immediately by e-mail if you have received this e-mail by
mistake and delete this e-mail from your system.

<Prev in Thread]	Current Thread	[Next in Thread>
ENC: Password Pride - A Humorous Vulnerability, Marcus Valsecchi RE: Password Pride - A Humorous Vulnerability, Dixon, Wayne Re: Password Pride - A Humorous Vulnerability, Melissa RE: Password Pride - A Humorous Vulnerability, David Gillett Re: Password Pride - A Humorous Vulnerability, RS RE: Password Pride - A Humorous Vulnerability, Murda Mcloud Message not available Highlighting weak password dangers, WALI RE: Highlighting weak password dangers, Simon W. Hall RE: Highlighting weak password dangers, Scott Ramsdell Re: Highlighting weak password dangers, Manuel Arostegui Ramirez Re: Highlighting weak password dangers, Alexander Bolante <= Re: Highlighting weak password dangers, anesde Message not available Re: Port 8081 mystery, WALI Message not available Port 8081 mystery, WALI RE: Port 8081 mystery, Gressick, Michael Re: Port 8081 mystery, Brian . D . Turk RE: Port 8081 mystery, Remad Re: Port 8081 mystery, George A. Theall Re: Port 8081 mystery, Johnny Wong RE: Port 8081 mystery, Sandro, Herpich RE: Port 8081 mystery, Christopher A. Libby

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: RE: Highlighting weak password dangers, somebodyishere
Next by Date:	RE: Wireless Monitoring, tgreenfield
Previous by Thread:	Re: Highlighting weak password dangers, Manuel Arostegui Ramirez
Next by Thread:	Re: Highlighting weak password dangers, anesde
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: RE: Highlighting weak password dangers, somebodyishere

Next by Date:

RE: Wireless Monitoring, tgreenfield

Previous by Thread:

Re: Highlighting weak password dangers, Manuel Arostegui Ramirez

Next by Thread:

Re: Highlighting weak password dangers, anesde

Indexes:

[Date] [Thread] [Top] [All Lists]