Home
Course Information
Schedule
Team Lists
White Paper
Midterm Examination
Final Report
Final Examination
Complaint Policy
Grade Determination

Lesson Objectives   Lesson Information   Slideshow   References   Questions

Lesson Objectives

1. Describe how passwords are hashed in the password file.
2. Describe the password security vulnerabilities.
3. Explain the methods and tools used by intruders use to crack passwords.
4. Explain how passwords may be sniffed over the network.

Lesson Information

This lesson will discuss password security. In particular, how passwords are stored in the password file, and the associated security vulnerabilities is described. Also, the methods and tools used by intruders to crack passwords and sniff passwords over the network is described.

Slideshow

Password Security

References

TR98-021:   Survey of UNIX Penetration Tests Performed During a Graduate Computer Security Class at Texas A&M University

Neil M. Haller, "The S/KEY one­time password system," in Proceedings of the ISOC Symposium on Network and Distributed System Security, San Diego, California, February 1994. The Internet Society.  Available at ftp://thumper.bellcore.com/pub/nmh/docs/ISOC.symp.ps (Accessed January 19th, 2001).

James P. Holmes, Russell.L. Maxwell, and Larry J. Wright, "A performance evaluation of biometric identification devices," Technical Report SAND91-0278/UC-906, Sandia National Laboratories, July 1990.

Questions

This website is maintained by John Hill.