You can use your test results in a couple of different ways. For starters, they'll serve as a litmus test to determine whether or not you have password security risks. Odds are you do somehow somewhere. They'll also provide hard evidence to upper management that something needs to be done about the problem. This may include formal security awareness, new authentication technologies, or "tweaking" of existing policies -- especially on the enforcement side.
All in all, password cracking tests are an excellent way to not only root out weaknesses on your Windows network but also to see if people and processes are adhering to policies. Perform these tests on your network now and ongoing in the future and I guarantee you'll be amazed at what you uncover.
Requires Free Membership to View
When you register, my team of editors will also send you the latest expert resources covering pertinent IT topics such as Windows server backup and recovery, server administration, storage management, infrastructure security, virtualization, Hyper-V, Active Directory and Group Policy.
Cathleen A. Gagne, Senior Editorial Director
Cracking network passwords
Home: Introduction
Step 1: Ethical hacking methodology
Step 2: Tools you should use
Step 3: What good are your findings?
ABOUT THE AUTHOR
Kevin Beaver is an information security consultant, keynote speaker, and expert witness with
Atlanta-based Principle Logic, LLC where he specializes in performing independent security
assessments.
This was first published in December 2005