To: Myrddin
Dictionary attacks were popular 20 years ago.
Which makes me wonder why they need the passwd file. If they’ve got control of the network they can just see the password in transit.
To: Black Agnes
Man in the middle attacks are pretty simple. On a local Ethernet, a simple ARP cache poisoning can allow you to insert yourself between two parties. There are more sophisticated approaches to man in the middle for SSH sessions too. I've done all of those in SANS security classes. Why stop with a password? We actually stole an entire VMware VM as a class exercise. If you throw in a web site, you have a whole new set of attack surfaces. Javascript and SQL injection attacks. Click jacking. Remote path traversal. There are many more means of attack. Master them and take your exam as a Certified Ethical Hacker. It's a valid career path in today's world of cyber warfare.
117 posted on
07/25/2013 7:10:50 PM PDT by
Myrddin
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson