Bugtraq mailing list archives

Re: brute force

From: fitz () draco mv com (Tom Fitzgerald)
Date: Thu, 6 Jun 1996 01:47:28 -0400

Here are several services we bruteforce attack:

telnetd
rexecd
ftpd
rshd
pop3
filesharing


I'm surprised you don't list uucpd, that's always been my favorite target
for a password bruteforce (rexecd is easier, but it's disabled on more
platforms than uucpd).

As for the individual who claimed that 99% of sites let you ftp the
/etc/passwd file, yes that's true but the passwd file is much more often a
dummy.  Either the passwords are *'d out (if the target is one of those
checklist-following places) or the encrypted password is bogus (if the
target is sneaky).

--
Tom Fitzgerald    fitz () draco mv com

Current thread:

Re: Not so much a bug as a warning of new brute force attack, (continued)
- - - Re: Not so much a bug as a warning of new brute force attack Russell Street (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Joe Block (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Thayne Forbes (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Steve Chew (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Shaun Lowry (Jun 04)
    - Re: Not so much a bug as a warning of new brute force attack Valdis.Kletnieks () vt edu (Jun 04)
    - rexec brute bastard (Jun 04)
    - Selecting Good Passwords mdr () vodka sse att com (Jun 04)
    - brute force *Hobbit* (Jun 04)
    - Re: brute force Christopher Klaus (Jun 04)
    - Re: brute force Tom Fitzgerald (Jun 05)
    - Re: brute force Alan Brown (Jun 06)
    - Re: Linux rlogin hole with libc 5.x Alan Brown (Jun 06)
    - Re: Linux rlogin hole with libc 5.x Pablo Idiaquez (Jun 06)
    - help TaeJin Hong (Jun 07)
    - HP-UX B.10.01 vulnerability Aleph One (Jun 07)
    - Strange changes - any ideas? Fred Cohen (Jun 08)
    - Re: Strange changes - any ideas? dsiebert () icaen uiowa edu (Jun 09)
    - Re: Strange changes - any ideas? Andrew V. Kovalev (Jun 09)
    - Digital Unix, daemons and the SIA authentication library. Paul C Leyland (Jun 10)
    - Re: Strange changes - any ideas? Darren Reed (Jun 10)

(Thread continues...)