Cracking Passwords in Forensic Investigations - Scholarly ...
Cracking Passwords in Forensic Investigations - Scholarly ...
Cracking Passwords in Forensic Investigations - Scholarly ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
were used for crack<strong>in</strong>g, which would not allow the user to select a vulnerable<br />
password <strong>in</strong> the first place. Hence, Kle<strong>in</strong> recommended the pro-active password<br />
checker to cover up the security vulnerability <strong>in</strong> order to make the crackable 24.2% of<br />
passwords secure.<br />
3.1.2 An Analysis and Comparison of Clustered Password Crackers<br />
Frichot (2004) conducted research and analysis of clustered password crack<strong>in</strong>g<br />
software John the Ripper. The ma<strong>in</strong> <strong>in</strong>tention of his research was to compare the two<br />
software packages John the Ripper and Cisilia, which utilise the Open Mosix and<br />
Beowulf styles of parallel comput<strong>in</strong>g respectively. However, Frichot was unable to<br />
perform a comparison of the two, s<strong>in</strong>ce he encountered problems us<strong>in</strong>g Cisilia.<br />
Therefore, he conducted an analysis and highlighted issues <strong>in</strong> regards to clustered<br />
password crack<strong>in</strong>g with the use of John the Ripper.<br />
Frichot‟s (2004) background study on passwords and password crack<strong>in</strong>g<br />
methods is similar to the ones identified <strong>in</strong> the literature review <strong>in</strong> Chapter 2. In order<br />
to perform his research, Frichot made use of two clusters of computers. The first<br />
cluster consisted of 13 nodes and was set to the Beowulf configuration <strong>in</strong> order to test<br />
John the Ripper. The second cluster consisted of 14 nodes and was set to the<br />
OpenMosix configuration for test<strong>in</strong>g Cisilia. Both of these clusters were set up on the<br />
L<strong>in</strong>ux platform.<br />
For the ma<strong>in</strong> experiment, Frichot (2004) created password samples <strong>in</strong><br />
Microsoft‟s LAN manager (LANMAN) format. The sample passwords consisted of<br />
manually created passwords, which were created so as to cover a broad spectrum of<br />
password quality. The researcher used Williams‟ (2001) algorithm to determ<strong>in</strong>e<br />
password quality and created passwords that had quality rat<strong>in</strong>gs from 5 to 14 (cited <strong>in</strong><br />
Frichot, 2004). Frichot performed password crack<strong>in</strong>g tests on both the Beowulf<br />
cluster and the OpenMosix cluster. The data he collected for the Beowulf cluster<br />
<strong>in</strong>cluded half the cipher-text password, half the pla<strong>in</strong>-text password, username, a digit<br />
represent<strong>in</strong>g which half of the password was cracked, and the amount of time it took<br />
to crack the password. It was essential to note which half of the password was<br />
cracked, s<strong>in</strong>ce the LANMAN hash<strong>in</strong>g algorithm supports a maximum of seven-<br />
33