Do you have a formal password policy for your Windows-based systems? Do you suspect that some of your network users...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
have insecure passwords? If you answered yes to either of these questions, then now's a good time to check for password-related vulnerabilities on your network.
Passwords are often the first (and all too often, the last) line of defense to protect sensitive digital assets. Given that most Windows-based passwords (domain, Terminal Services, e-mail, etc.) tie back to the domain account, all it takes is one hole -- one entry point -- to get in and crack a password. Once that's done, anything is fair game. This is especially true with all the IIS-based applications, Citrix deployments, and other outward facing applications that so many organizations have in place today.
Cracking network passwords
Step 1: Ethical hacking methodology
Step 2: Tools you should use
Step 3: What good are your findings?
ABOUT THE AUTHOR
Kevin Beaver is an information security consultant, keynote speaker, and expert witness with Atlanta-based Principle Logic, LLC where he specializes in performing independent security assessments.