Free Essay

Csec 610 Lab 1

In: Computers and Technology

Submitted By truth83
Words 1190
Pages 5
1. Explain the two different types of attacks that can be performed in Cain and Abel to crack user account passwords. Which do you think is the most effective and why?

Answer: The two different types of attacks that can be performed in Cain and Abel are Brute Force attack and a Dictionary attack. The Brute Force attack is a method of breaking a cipher in a word through every possible key. The extent of breaking the password depends greatly on the length of the password. Within the program Cain and Abel, Brute Force will look at all possible combinations of characters within the password to try and recover or crack the password than the dictionary attack. Brute Force cracking can take forever to find the password but it will eventually lead to a password being cracked (Ducklin, 2013). Dictionary attacks, also known as wordlist attacks, is a simple and more efficient way to crack passwords. Many people tend to use words listed in the dictionary for passwords. The program uses multiple dictionaries as well as technical and foreign language dictionaries as support to enable the cipher to be cracked. The downside to this type of password cracking is that if a word contains complex symbols, uppercase, lowercase, and numbers that are not in the dictionary, then the dictionary attack can be beat (Gibson, 2011). With working with Cain and Abel in class, I felt that the dictionary attack was more efficient in finding the password due to real life scenarios where individuals set passwords for social media sites using words that are commonly found in the dictionary. Those types of words tend to be easily remembered than something more complex with symbols and numbers in a combination.

2. Compare and contrast the results from the two methods used to crack the accounts for the three passwords each encrypted by the two hash algorithms. What conclusions can you make after using these two methods?

Answer: With Brute force using the LM hashes, there was a significant time for all three users regardless of complexity amongst the different password that needed to be cracked. For the first user the time stated 6.5 years, user 2 was 5.5 years, and user 3 was 6.6 years. Using the NTLM hash all three users passwords would take forever to crack. The dictionary method proved to be more effective in cracking the ciphers amongst all three users. Using the LM hash in the dictionary attack, User 1’s password was cracked in 44 seconds; user 2’s password was cracked in 35 seconds; and user 3’s password was unsuccessful in cracking the password. Using the NTLM has User 1’s password was cracked in 42 seconds; user 2 in 26 seconds and user 3’s password was unsuccessful in being cracked. With all of the data that was tested using the Brute Force and Dictionary attack methods, the dictionary method proved to be more effective in cracking the passwords with less complexity. The more complex a password tends to be makes the process harder to crack, which sometimes can lead to it being unsuccessful. 3. Research another algorithm used to store passwords that were not discussed here. (Include references in APA format.) Answer: Another algorithm used to store passwords is the MD5 algorithm. According to ZDNet, MD5 password scrambler is no longer safe to be used on commercial websites. This shed light on MD5 when there was a breach on the website LinkedIn, which 6.4 million passwords were leaked on the Internet (Whittaker, 2012). MD5 Algorithm is used to verify data integrity with the creation of a 128-bit data input. MD5 replaced MD4, which was the old cryptologic hashing program. MD5 hashes are also used to ensure data integrity amongst files. MD5 Hashes are used in relation to credit card numbers or storing passwords. This is essential because MD5 uses small strings rather than larger ones for more complex ciphers. Other companies have moved past using MD5 hashing by blocking its digital certificates. Microsoft was a big name that also has updated their security protocol. The move was influenced because it has proven t be insecure with SSL certificates and digital signatures. MD5 has algorithms that could cause an attacker to decrypt its content and also to perform phishing (Constantin, 2013). 4. Research another password recovery software program and provide a thorough discussion of it. Compare and contrast it to Cain and Abel. (Include references in APA format.) Answer: Another password recovery software that was found is called Ophcrack. This software runs on Windows, Macintosh, and Linux operating systems. The program itself uses rainbow tables to cipher the password. Operating systems do not store passwords in plain text, which would make it, unsecure. What operating systems do is put passwords through a one-way hashing function to store the passwords. Once the password is entered the hashing does calculations to which it is then compared to the password hash. The program offers fast tables and small tables in which passwords can be cracked faster and in half the time using the fast tables. The only downside to this program is the inability to crack passwords composed of special characters (Slangen, 2009). 5. Anti-virus software detects Cain and Able as malware. Do you feel that Cain and Able is malware? Why or why not? Answer: Anti-virus software that are up to date will detect Cain and Able as malware because of the software sniffing tools that are embedded in the anti-virus software. In a blog called Bleeping Computer, a user stated that he tried to download the Cain and Able tool while having Avast anti-virus on his desktop computer. When he downloaded the program a message popped up stating that his computer was at risk and the program was “other potentially dangerous program.” The file name was Win32: Cain-B (Tool)- Malware type. With it being considered malware, the program can still be successfully downloaded on ones computer. With Cain and Abel being a password recovery tool, many companies that give updates to anti-virus software will encode Cain and Abel as malware for the purpose that it can be a vital tool in the right IT professionals hand, but can be detrimental to the integrity of passwords and sensitive information.

Sources:

* Ducklin, P. (2013, August 16). Anatomy of a brute force attack - how important is password complexity? Retrieved from https://nakedsecurity.sophos.com/2013/08/16/anatomy-of-a-brute-force-attack-how-important-is-password-complexity/ * Gibson, D. (2011). Security : Get Certified Get Ahead SY0-301 Study Guide (p. 348). CreateSpace. * Whittaker, Z. (2012, June 7). MD5 Password Scrambler 'No Longer Safe' Retrieved from http://www.zdnet.com/article/md5-password-scrambler-no-longer-safe/ * Constantin, L. (2013, August 14). Microsoft moves to block MD5 certificates and improve RDP authentication. Retrieved from http://www.computerworld.com/article/2483686/security0/microsoft-moves-to-block-md5-certificates-and-improve-rdp-authentication.html * Slangen, S. (2009, July 17). Ophcrack – A Password Hack Tool to Crack Almost Any Windows Password. Retrieved from http://www.makeuseof.com/tag/hack-windows-passwords-with-ophcrack/

Similar Documents

Premium Essay

Bus 610 Assignment 1

...Homeland/Organizational Culture Analysis BUS 610: Organizational Behavior Ashford University Introduction A country’s culture is transmitted in a variety of ways beginning with recruitment and migration but the American culture is evolved from a group of disparate people comprised of various religious, ethnic, and political influences. The United States of America is home to hundreds of cultures that are divided into a vast majority of cultural regions. The United States is predominantly a Western Culture because it consists of an Anglo majority which prevails politically and economically. The United States culture is divided up into six main geographic regions which consist of New England, Mid-Atlantic, the South, Midwest, Southwest and the West. The six regions are influenced by White American, African American, Native American, Hispanic/Latin American, Asian, and other Multiracial Americans. Cultural Regions in the United States As Americans gain more exposure to the United States, they will be able to observe how the different cultures affect their lifestyle, religion, experience, education and attitude. Here are some key characteristics of the six cultural regions: 1.    New England which is referred to as the Northeast is made up of the states of Maine, New Hampshire, Vermont, Rhode Island, Massachusetts and Connecticut. These states are well-known for its strong culture values in religion and political reform as well as its educational contributions to the......

Words: 1063 - Pages: 5

Free Essay

Csec 610 Lab One

...1) Explain the two different types of attacks that can be performed in Cain and Abel to crack user account passwords. Which do you think is the most effective and why? For the assignment we utilized Cain & Abel password recovery tool for Microsoft Operating Systems. For this lab assignment we utilized Brute Force NT LAN Manager (NTUM) and LAN Manager (LM) and Dictionary NTLM and LM hashes. (Features overview, n.d.) Brute Force is a password cracking -technique that tries every combination of numeric, alphanumeric, and special characters until the password is broken or the user is locked out. Dictionary is a technique that runs a given password against each of the words in a dictionary (file of words) until a match is found or the end of the dictionary is reached. (p. 13) Cain and Abel couples Brute Force and Dictionary with LM and NTLM hash. Based on my lab experience, my assessment is that the Dictionary NTLM Manager is the better of the processes. The table below reveals that Dictionary NTLM delivered more favorable results over LM because this process uncovered the passwords in the shortest amount of time and recovered the passwords in their entirety. Table | Brute Force LM | Brute Force NTLM | Dictionary LM | Dictionary NTLM | User1 | No password, 6-8 hours | No password, estimated time 10 years | yes, 75 seconds | yes, 40 | User2 | No password, 6-8 hours | No password, estimated time 10 years | yes, 30 | yes, 25 | User3 | No password, 6-8......

Words: 971 - Pages: 4

Free Essay

Bus 610 Week 1

...manager is able to relate to how hard it can be to tackle certain situations while dealing with deadlines and certain expectations, so he can definitely sympathize and encourage us with positive feedback and constructive criticism. His motto is always, “A happy worker is a productive worker,” which shows in my management style. References Baack, D. (2012). Organizational behavior. San Diego, CA: Bridgepoint Education, Inc. The Hawthorne Studies The human relations movement in management began in earnest in 1927. Researchers Elton Mayo and Fritz Roethlisberger conducted the Hawthorne Studies, focusing primarily on people rather than solely on productivity. In the studies, The primary findings of the research project were as follows: 1. The subjects responded to positive and pleasant interactions with researchers by increasing productivity rates on the job. 2. Some of the tasks performed by supervisors were eventually assumed by entry-level employees, who also generated higher levels of production, because the workers found the experience to be "fun" and free of anxiety about being disciplined for poor performance. 3. Workers tended to form groups that were cohesive and loyal to one another. Anyone who overproduced became a "Slave" or "Speed King" who was derided and even physically punched in the arm ("binging") by group members. Anyone who failed to do his fair share of work was labeled a "Chiseler" and admonished to keep up with the group. Mayo and......

Words: 742 - Pages: 3

Premium Essay

Lab 1

...Lab 1: Input, Processing, and Output This lab accompanies Chapter 2 of Starting Out with Programming Logic & Design. Name: ___________________________ Lab 1.1 – Algorithms This lab requires you to think about the steps that take place in a program by writing algorithms. Read the following program prior to completing the lab. Write a program that will take in basic information from a student, including student name, degree name, number of credits taken so far, and the total number of credits required in the degree program. The program will then calculate how many credits are needed to graduate. Display should include the student name, the degree name, and credits left to graduate. Step 1: Examine the following algorithm. (Reference: Designing a Program, page 31). 1. Get the student name. 2. Get the degree program name. 3. Subtract the number of credits taken so far from the required credits for the degree. 4. Get the number of credits required for the degree program. 5. Get the number of credits the student has taken so far. 6. Display the input information in Step 1 and 2. 7. Display the calculated information. Step 2: What logic error do you spot and how would you fix it? Step 3: What steps require user interaction (Ex: user must type in some input)? Lab 1.2 – Pseudocode This lab requires you to think about the steps that take place in a program by writing pseudocode. Read the following......

Words: 2451 - Pages: 10

Free Essay

Lab#1

...IS 3220July 7, 2014 Lab #1 Analyze Essential TCP/IP Networking Protocols 1. What is the purpose of the address resolution protocol (ARP)? ARP is used to mediate between Ethernet (and other broadcast link-level protocols) and the network layer, or IP protocols. Put more simply, ARP converts IP addresses to Ethernet addresses. 2. What is the purpose of the dynamic host control protocol (DHCP)? DHCP (Dynamic Host Configuration Protocol) is a communications protocol that lets network administrators centrally manage and automate the assignment of Internet Protocol (IP) addresses in an organization's network. http://searchunifiedcommunications.techtarget.com/definition/DHCP/ARP. Lab #2 Network Documentation 1. When you TELNET to LAN Switch 1 and LAN Switch 2, why is it a good idea to first PING an IP interface or port’s IP address? The ping verifies connectivity by sending ICMP echo packets to a host and listening for an echo reply. This will detect if there are any name resolution issues. 2. Why is using Telnet a security risk for an IP network infrastructure? Telnet sessions are in clear text and programs such as packet sniff can capture passwords and then use them to log into those sessions. 3. How can you mitigate the security risk caused by Telnet? Intrusion detection is a packet inspection tool that monitors, intercepts and responds to abuse in real time. ICMP inspection permits responses to ICMP packets like ping and traceroute that come......

Words: 427 - Pages: 2

Premium Essay

Lab 1

...Unit 1 Labs Lab 1.1 Step 13 Lab 1.2 Define Major Topics for a Database NOUNS | MAJOR TOPIC | Doctors | Patients | Drugs | Side Effects | Researchers | Patient Information | Westlake Research Hospital | Conducting test of new Depression Drugs | Lab 1.3 Create a Statement of Work Scope The Software-Tracking database will be used to help manage the school’s software licensing. The software will be monitored for lifecycle and version corrections as well as keeping track of the number of users accessing the software under the constraints of the license agreement. The faculty and staff computers will be tracked for which version and licensed copy of software is currently running on each system. Constraints The database can be used for accessing the faculty and staff’s logon to the school employee website for the purpose of inputting and updating hours worked. Faculty and staff members can conduct business related work, such as adjusting work schedules, and student’s grades in the system but are not able to view student’s personal files in the registrars system. Objectives * Make for a more efficient system by allowing employees to have control of shared calendars and student’s grades. * Improve the tracking of Software Licensing and the Lifecycle of programs. Tasks and Timeline 1. Gathering Data: Meet with School Board and those involved to discuss the needs and wants for a database. Time Allotted: 3 weeks. Deliverables: A list of......

Words: 365 - Pages: 2

Free Essay

Csec 610 Lab Question 1

...Lab Assignment 1 Questions 1. Explain the two different types of attacks that can be performed in Cain and Abel to crack user account passwords. Which do you think is the most effective and why? Cain and Abel is a MS operating password recovery instrument made for administrators and security professionals. Brute Force and Dictionary attacks through LM via Lan Manager and NTLM via NT LAN Manager hashes were used in the following assignment. Brute Force attack “is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies” (Rouse, 2006). This method is considered time consuming because it goes through all possible combinations of characters. Dictionary attack “is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password” (Rouse, 2005). In addition Cain and Abel has the ability to use Cryptanalysis attacks to break passwords, it is considered the fastest [time memory trade off method], being faster than brute force attacks while also not needing as much memory as dictionary attacks (Gates, 2006). During the lab assignment I found that Dictionary attack with NTLM was the most effective. It allows the user to select more search options like reverse, lowercase and uppercase…etc. It was the fastest method in cracking the......

Words: 957 - Pages: 4

Free Essay

Csec 610 Final Exam

...University of Maryland University College Final Exam Question 1 a) If I were to engineer a product that could be used to spy on users, the first thing I would install would be a rootkit. A rootkit is a clandestine kind of software that is designed to conceal that fact that an operating system has been compromised. They ultimately allow viruses and malware to hide from usual methods of detection, and permits continued privileged access to a computer. Rootkits allow for full control over a system, which means that existing software can be modified including detection software. Rootkit detection is difficult because a rootkit is activated before the operating system boots up and is able to subvert the software intended to find it (Vacca, 2013, pp. 53-54). The next step would then be to install spyware and use the rootkit to disguise it as necessary files that anti-spyware software will overlook. Once a user purchases this product and it is connected, off-site agents will be able to start collecting files and data and have the ability to access and control the infected devices. b) As a technology procurer for an organization, it is very important to do your research on your vendors. The legitimacy of the vendor needs to be verified and their workforce, production lines and supply chains need to be checked to ensure they have appropriate security measures and monitoring in place to safeguard against malicious activity. A security vulnerabilities assessment needs to......

Words: 5301 - Pages: 22

Premium Essay

Csec 630 1

...“Playfair” encipher option, the plaintext and key provided in the lab information, and DESELECTING the “separate duplicate letters only within pairs” option) SDAHFOWGRABSSRERIVBYBSCIMQTFNIVETGHBSNQCNCSDTDHBSNQCD ECNICIFCTIC A This is the playfair encryption that I received when I typed in the follow: The difference between stupidity and genius is that genius has its limits is listed above. However if you use the following encryption and you separate them by two characters you get the following: SD AH FO WG RA BS SR ER IV BY BS CI MQ TF NI VE TG HB SN QC NC SD TD HB SN QC DE CN IC IF OT IC When I use the Playfair encipher option and I separate the duplicate pairs with a letter X with the pair you get this. “The difxference betwexen stupidity and genius is that genius has its liscts”. Q4. Of the three ciphers discussed (Caesar, Vigenère, Playfair), what are their relative degree of security and why? When I look at the three ciphers it seems that Vigenera is the most difficult in my opinion especially when you look at the histogram. It has an entropy of 4.17 compared to the other two ciphers. Playfair seems easier to break than all of them but it has a entropy of 4.42 which says it is slightly more difficult to crack so I am up in the air with this one. Caesar would seem to be the next difficult especially when I look at the histogram. It also has a entropy of 4.17. Result list below. Lab Part 2: Advance Crytography Functions Q5. For each of the......

Words: 1234 - Pages: 5

Free Essay

Csec 620 Individual Assignment 1

...IA#1 Cybercrime Law, Regulation, Effects on Innovation John Doe CSEC 620 Section 9022 Note: This paper was submitted through originality check websites. Table of Contents 1. Introduction 3 2. Private Industry & Regulations 4 3. National Security Concerns 4 4. Methods 6 5. Impacts of Government Regulation 7 6. Compliance 8 7. Responsibility 9 8. The Real World 10 9. Conclusion 11 References 12 1. Introduction Cybersecurity and cybersecurity initiatives are commonplace in all aspects of our digital lives. Personal computers are still widely used, especially in the workplace, but mobile devices seem to be the preferred computing choice of the average person. This would include but not be limited to; smart phones, tablets, and laptops to name a few. Mobile devices have changed the digital landscape in a manner that could not have been predicted. This is because other than work or school related activities, most personal computers were used to play a few games, check email, and browse the internet. These activities eventually transitioned over to the aforementioned mobile devices. Now we mix in social media, and a whole new digital cyber-world has emerged. Talk about getting your head out of the clouds. We live in the cloud, literally and figuratively. What does this mean to the average consumer? Perhaps not much. Most people who operate in the digital world could probably care less about the underpinnings of cyberspace......

Words: 2894 - Pages: 12

Premium Essay

Csec 610

...Journal of Computer & Information Law, 18, 1049. Jacobson, D. (2009). Introduction to Network Security: Email: Ames, Iowa. CRC Press Taylor & Francis Group Marks, Gene. (2015). Why IT Professionals Are Thanking Hillary Clinton this Week. Retrieved from Forbes: http://www.forbes.com/sites/quickerbettertech/2015/03/09/why-it-professionals-are-thanking-hillary-clinton-this-week/ Platsis, G. (2012). The Real Vulnerability of the Cyberworld: You and I. Retrieved from Schulich, School of Business York University from http://seec.schulich.yorku.ca/the_real_vulnerability_of_the_cyberworld_you_and_i.aspx Sharp, Sr., W. G. (2010). The Past, Present, and Future of Cybersecurity. Journal of National Security Law & Policy, 4(1), 1. Vacca, J. R. (2013). Computer and Information Security Handbook: Waltham, MA: Morgan Kaufmann Publishing...

Words: 2316 - Pages: 10

Premium Essay

Csec 630 Lab 1

...cipher in comparison to the results of the Caesar cipher? Why is this the case? The Caesar cipher was a lot easier to see the patterns of the alphabet. The frequency definitely made it easier to distinguish the usage pattern which makes it easier for decryption while the pattern is lost if it is viewed with the Vigenère. It will be easier to crack if the Caesar cipher is used compared to using the Vigenère which seems to be more difficult to crack. Q3. There is an error in the following ciphertext representation of this quote, what is it? What should the correct ciphertext be? (Hint: when using the CrypTool there are several ways to decode one that you can use is “Playfair” encipher option, the plaintext and key provided in the lab information, and DESELECTING the “separate duplicate letters only within pairs” option) SDAHFOWGRABSSRERIVBYBSCIMQTFNIVETGHBSNQCNCSDTDHBSNQCD ECNICIFCTIC Answer: The error that is included in the cipher text is written below in Blue: THE DIFXFERENCE BETWEXEN STUPIDITY AND GENIUS IS THAT GENIUS HAS ITS LISCTS The correct ciphertext is: The difference between stupidity and genius is that genius has its limits. Q4. Of the three ciphers discussed (Caesar, Vigenère, Playfair), what are their relative degree of security and why? Out of all three ciphers, the Vigenère seems to be the most secure because the two other ciphers can be broken easily using statistical analysis. For example, the Playfair makes use of a......

Words: 959 - Pages: 4

Free Essay

Csec 610

...Running Head: Lab Assignment: Password Cracking Using Cain and Abel Lab Assignment 1: Password Cracking Using Cain University of Maryland University College Fall 2015 Lab Report Provided below is a table of the different generated user accounts and their accompanied passwords, along with the methodology used to crack each and either the time it took to reveal the password or estimated time provided by Cain and Abel to generate a successful solution. NTLM HASH | | Brute Force | Dictionary Attack | User 1 | No result, due to estimated time > 4yrs | Password cracked in < 1min | UUser 2 | No result, due to estimated time > 4yrs | Password cracked in < 1min | UUser 3 | No result, due to estimated time > 4yrs | No result. Estimated Time > 3hrs. | Table1: NTLM password cracking results LM HASH | | Brute Force | Dictionary Attack | User 1 | Password cracked in < 3min | Password cracked in < 2 min | User 2 | Password cracked in < 3min | Password cracked in < 1min | User 3 | No result, estimated time >3hrs | No result, I stopped it after 5 min. | Table2: LM password cracking results 1. Explain the two different types of attacks that can be performed in Cain and Abel to crack user account passwords. Which do you think is the most effective and why? A dictionary attack uses a file containing words, phrases, common passwords, and other strings that are likely to be used as a password. Each word in the......

Words: 1638 - Pages: 7

Premium Essay

Csec 630 Lab 1

...Lab Assignment #1: Introduction to Encryption Algorithms CSEC 630 University of Maryland University College Professor Jingyu Zhang 1. Which tool or technique would be most effective for a cryptanalyst to use to decipher a text encrypted with the Caesar cipher, and why? The best analysis tool to break the Caesar cipher is histogram because it performs a statistical analysis on cipher text which shows the frequency of each letter used in the file. This can later be compared and matched to the frequency of letters in the English language. 2. What do you notice about the histogram results when text is encrypted with the Vigenère cipher in comparison to the results of the Caesar cipher? Why is this the case? Histogram simply gives the frequency of each individual letter in cipher text without taking the plaintext into consideration. Since in Caesar cipher the relationship between plaintext and cipher text is one to one, histogram is more efficient to break the cipher. Since the key in vigenere is somewhat random the histogram shown below seems random as well. 3. There is an error in the following cipher text representation of this quote, what is it? The original unencrypted message is: TH ED IF FE RE NC EB ET WE EN ST UP ID IT YA ND GE NI US IS TH AT GE NI US HA SI TS LI MI TS The original encrypted message is: THE CORRECT CIPHERTEXT SD AH FO HL AR ST RE AS YL BS CI MQ TF NI VE TG HB SN QC NC SD TD HB SN QC DE CN IC IF OT IC This is the error example: SD...

Words: 1083 - Pages: 5

Free Essay

Csec 630 Lab 2

...C:\snort\bin\ *.conf *.rules *.pcap dir PCAP file opened in Wireshark Wire shark TCP only filter Snort cmd run Alert file after modifying Snort rules. Renamed alert file. Alert 2 1. When running Snort IDS why might there be no alerts? There could be several different reasons for Snort not seeing any alerts. The number one reason, is that Snort has not been configured properly to listen for traffic. Snort needs to be configured properly on specific port for it too listen to traffic. Another reason according to the Snort FAQ, no alerts can be due to “the result of a checksum offloading issue.” (Snort FAQ, 2016) The use of –k none should be added in the cmd line to solve the issue of no alerts. 2. If you only went to a few web sites, why are there so many alerts? Snort is an open-source intrusion detection system (IDS). Intrusion detection systems are able to analyze many different types of network traffic to detect abnormalities. Snort analyzes packets on a network depending on the traffic traversing the network. Traffic can include TCP, UDP, and HTTP traffic to name a few. Depending on which protocols where used when going to the website, different types of alerts can be produced by Snort. 3. What are the advantages of logging more information to the alerts file? Advantages to logging more information to the alerts files is that one, it can be more useful to a system administrator trying to figure out what type of......

Words: 1170 - Pages: 5