Hackers

Friday, January 7, 2011

Anonymous P2P

An anonymous P2P communication system is a peer-to-peer distributed application in which the nodes or participants are anonymous or pseudonymous. Anonymity of participants is usually achieved by special routing overlay networks that hide the physical location of each node from other participants.

Interest in anonymous P2P systems has increased in recent years for many reasons, ranging from the desire to share copyrighted files without revealing one's network identity and risking litigation[1] to distrust in governments, concerns over mass surveillance and data retention, and lawsuits against bloggers.[2]



Motivation for anonymity

There are many reasons to use anonymous P2P technology; most of them are generic to all forms of online anonymity.

P2P users who desire anonymity usually do so as they do not wish to be identified as a publisher (sender), or reader (receiver), of information. Common reasons include:
The material or its distribution is illegal or incriminating
Material is legal but socially deplored, embarrassing or problematic in the individual's social world (for example, anonymity is seen as a key requirement for organizations like Alcoholics Anonymous)
Fear of retribution (against whistleblowers, unofficial leaks, and activists who do not believe in restrictions on information or knowledge)
Censorship at the local, organizational, or national level
Personal privacy preferences such as preventing tracking or datamining activities

A particularly open view on legal and illegal content is given in The Philosophy Behind Freenet.

Governments are also interested in anonymous P2P technology. The United States Navy funded the original onion routing research that led to the development of the Tor network, which was later funded by the Electronic Frontier Foundation and is now developed by the non-profit organization The Tor Project, Inc.


Arguments for and against anonymous P2P communication


General

While anonymous P2P systems may support the protection of unpopular speech, they may also protect illegal activities not protected under some free speech laws, such as fraud, libel, the exchange of illegal pornography, the unauthorized copying of copyrighted works, or the planning of criminal activities. Critics of anonymous P2P systems hold that the advantages offered by such systems do not outweigh these disadvantages, and that other communication channels are already sufficient for unpopular speech.

Some proponents of anonymous P2P systems believe that all restrictions on free speech serve authoritarian interests. Others argue that information itself is ethically neutral, and that it is the people acting upon the information that can be good or evil. Perceptions of good and evil can also change (see moral panic); for example, if anonymous peer-to-peer networks had existed in the 1950s or 1960s, they might have been targeted for carrying information about civil rights or anarchism.

Easily accessible anonymous P2P networks are seen by some as a democratization of encryption technology, giving the general populace access to secure communications channels already used by governments. Supporters of this view, such as Phil Zimmermann, argue that anti-surveillance technologies help to equalize power between governments and their people,[3] which is the actual reason for banning them. Pilger opines that monitoring of the populace helps to contain threats to the "consensual view of established authority"[4] or threats to the continuity of power structures and privilege.

Freedom of speech

Some claim that true freedom of speech, especially on controversial subjects, is difficult or impossible unless individuals can speak anonymously. If anonymity is not possible, one could be subjected to threats or reprisals for voicing an unpopular view. This is one reason why voting is done by secret ballot in many democracies. Controversial information which a party wants to keep hidden, such as details about corruption issues, is often published or leaked anonymously.

Anonymous blogging


Anonymous blogging is one widespread use of anonymous networks. While anonymous blogging is possible on the non-anonymous internet to some degree too, a provider hosting the blog in question might be forced to disclose the blogger's IP address (as in the case of Google revealing an anonymous blogger's identity[5]). Anonymous networks provide a better degree of anonymity. Flogs in Freenet, Syndie in I2P and Osiris sps are some examples of anonymous blogging technologies.

One argument for anonymous blogging is the delicate nature of a work situation. Sometimes a blogger writing under their real name faces a choice between staying silent and causing harm to themselves, their colleagues or the company they work for.[6]

Risk of lawsuits is another reason. Some bloggers have faced multi-million dollar lawsuits[7] that were later dropped completely;[8] anonymous blogging provides protection against such risks.

Censorship via Internet domain names


On the non-anonymous internet, a domain name like "mysite.com" is a key to accessing information. The censorship of the Wikileaks website[9] shows that domain names are extremely vulnerable to censorship. Some domain registrars have suspended customers' domain names even in the absence of a court order.

For the affected customer, blocking of a domain name is a far bigger problem than a registrar refusing to provide a service; typically, the registrar keeps full control over the domain names in question. In the case of a European travel agency, more than 80 .com web sites were shut down without any court process and held by the registrar since then. The travel agency had to rebuild the sites under the .net top-level domain instead.[10]

Anonymous networks, on the other hand, do not rely on domain name registrars. For example, Freenet implements censorship-resistant URLs based on public-key cryptography: only a person having the correct private key is able to update the URL or take it down.

Control over online tracking


Anonymous P2P also has value in normal daily communication. When communication is anonymous, the decision to reveal the identities of the communicating parties is left up to the parties involved and is not available to a third party. Often there is no need or desire by the communicating parties to reveal their identities. As a matter of personal freedom, many people do not want processes in place by default which supply unnecessary data. In some cases such data could be compiled into histories of their activities.

For example, most current phone systems transmit caller ID information by default to the called party (although this can be disabled either for a single call or for all calls). If a person calls to make an inquiry about a product or the time of a movie, the party called has a record of the calling phone number, and may be able to obtain the name, address and other information about the caller. This information is not available about someone who walks into a store and makes a similar inquiry.

Effects of surveillance on lawful activity

Online surveillance, such as recording and retaining details of web and e-mail traffic, may have effects on lawful activities.[11] People may be deterred from accessing or communicating legal information because they know of possible surveillance and believe that such communication may be seen as suspicious.

According to law professor Daniel J. Solove, such effects "harm society because, among other things, they reduce the range of viewpoints being expressed and the degree of freedom with which to engage in political activity." [12]

Access to censored and copyrighted material

Most countries ban or censor the publication of certain books and movies, and certain types of content. Other material is legal to possess but not to distribute; for example, copyright and software patent laws may forbid its distribution. These laws are difficult or impossible to enforce in anonymous P2P networks.

Anonymous online money

With anonymous money, it becomes possible to arrange anonymous markets where one can buy and sell just about anything anonymously. Anonymous money could be used to avoid tax collection. However, any transfer of physical goods between two parties could compromise anonymity.[13]

Some argue that conventional cash provides a similar kind of anonymity, and that existing laws are adequate to combat crimes like tax evasion that might result from the use of anonymous cash, whether online or offline.

Functioning of anonymous P2P


Anonymity and pseudonymity

Some of the networks commonly referred to as "anonymous P2P" are truly anonymous, in the sense that network nodes carry no identifiers. Others are actually pseudonymous: instead of being identified by their IP addresses, nodes are identified by pseudonyms such as cryptographic keys. For example, each node in the MUTE network has an overlay address that is derived from its public key. This overlay address functions as a pseudonym for the node, allowing messages to be addressed to it. In Freenet, on the other hand, messages are routed using keys that identify specific pieces of data rather than specific nodes; the nodes themselves are anonymous.

The term anonymous is used to describe both kinds of network because it is difficult—if not impossible—to determine whether a node that sends a message originated the message or is simply forwarding it on behalf of another node. Every node in an anonymous P2P network acts as a universal sender and universal receiver to maintain anonymity. If a node was only a receiver and did not send, then neighbouring nodes would know that the information it was requesting was for itself only, removing any plausible deniability that it was the recipient (and consumer) of the information. Thus, in order to remain anonymous, nodes must ferry information for others on the network.

Spam and DoS attacks in anonymous networks


Originally, anonymous networks were operated by small and friendly communities of developers. As interest in anonymous P2P increased and the user base grew, malicious users inevitably appeared and tried different attacks. This is similar to the Internet, where widespread use has been followed by waves of spam and distributed denial-of-service attacks. Such attacks may require different solutions in anonymous networks. For example, blacklisting of originator network addresses does not work because anonymous networks conceal this information. These networks are more vulnerable to DoS attacks as well due to the smaller bandwidth, as has been shown in examples on the Tor network.

However, a conspiracy to attack an anonymous network could be considered criminal computer hacking. Participants in the network interested in ensuring the continuous availability of it could collaborate to identify the source of abusive traffic, and further investigate or prosecute it. This could be done without compromising the anonymity of data in the network.

Opennet and darknet network types


Like conventional P2P networks, anonymous P2P networks can implement either an opennet or a darknet (often called friend-to-friend) network type. This describes how a node on the network selects peer nodes:
In an opennet network, peer nodes are discovered automatically. No configuration is required, but there is little control over which nodes become peers.
In a darknet network, users manually establish connections with nodes run by people they know. A darknet typically needs more effort to set up, but a node only has trusted nodes as peers.

Some networks, like Freenet, support both network types simultaneously (a node can have some manually added darknet peer nodes and some automatically selected opennet peers).

In a friend-to-friend (or F2F) network, users only make direct connections with people they know. Many F2F networks support indirect anonymous or pseudonymous communication between users who do not know or trust one another. For example, a node in a friend-to-friend overlay can automatically forward a file (or a request for a file) anonymously between two "friends", without telling either of them the other's name or IP address. These "friends" can in turn forward the same file (or request) to their own "friends", and so on. Users in a friend-to-friend network cannot find out who else is participating beyond their own circle of friends, so F2F networks can grow in size without compromising their users' anonymity.

Some friend-to-friend networks allow the user to control what kind of files can be exchanged with "friends" within the node, in order to stop them from exchanging files that the user disapproves of.

The advantages and disadvantages of opennet compared to darknet are disputed; see the Friend-to-friend article for a summary.

List of anonymous P2P networks and clients

Public P2P clients
Bunzilla - file sharing
Calypso - (formerly Kommute) successor to Mute
Freenet - a censorship-resistant distributed file system for anonymous publishing (open source, written in Java)
GNUnet - P2P framework, includes anonymous file sharing as its primary application (GNU project, written in C)
I2P - a decentralized (overlay) network for strong anonymity and end-to-end encryption, with many applications (p2p, browsing, distributed anonymous e-mail, instant messaging, irc, ...) running on top of it (free/open source, platform-independent)
I2phex - a Gnutella client which communicates anonymously through I2P
iMule - an emule port running under I2P network (includes built-in I2P router)
Netsukuku - a peer-to-peer routing system aiming to build a free and independent internet
Nodezilla - an anonymizing, closed source network layer upon which applications can be built (written in C++ and Java)
OneSwarm - A backwards compatible BitTorrent client with privacy-preserving sharing options, aims to create a large F2F network.
OFF System - a P2P distributed file system through which all shared files are represented by randomized data blocks
Omemo - an open source social storage platform (p2p virtual hard drive)
Osiris sps - an anonymous and distributed web portals creator.
Perfect Dark - a P2P client which relies on a mixnet and distributed datastore to provide anonymity (freeware, written for Windows)
Rodi - a file sharing client which allows for a low degree of anonymity
StegoShare - steganography software that may be used for anonymous file sharing
Stealthnet - the successor to RShare
Syndie - a content syndication program that operates over numerous anonymous and non-anonymous networks
Vuze (formerly Azureus) - a BitTorrent client with the option of using I2P or Tor (open source, written in Java)
Winny - a P2P client that is very popular in Japan (freeware, written in C++ for Windows)

Defunct or dormant

ANts P2P - file sharing and HTTP publishing
Bitblinder
Entropy - a "Freenet alternative"
Marabunta - for chatting only
MUTE - file sharing
RShare - file sharing

Private P2P clients

Private P2P networks are P2P networks that only allow some mutually trusted computers to share files. This can be achieved by using a central server or hub to authenticate clients, in which case the functionality is similar to a private FTP server, but with files transferred directly between the clients. Alternatively, users can exchange passwords or keys with their friends to form a decentralized network.

Friend-to-friend clients

Friend-to-friend networks are P2P networks that allow users to make direct connections only with people they know. Passwords or digital signatures can be used for authentication.

Hypothetical or defunct networks


Hypothetical

The following networks exist only as designs or are in development:
Crowds - Reiter and Rubin's system for "blending into a crowd" has a known attack
Herbivore - a distributed anonymous DC-communication system, providing private file sharing and messaging, under development at Cornell University.
P2PRIV - Peer-to-Peer diRect and anonymous dIstribution oVerlay - anonymity via virtual links parallelization - currently in development and has significant, unsolved problems in a real world environment
Phantom - a fully decentralized high-throughput anonymization network; a plan to implement it is currently being worked on
Ano - extensible IP anonymizer with steganography support (in development)

Anonymous P2P in a wireless mesh network

It is possible to implement anonymous P2P on a wireless mesh network: unlike with fixed internet connections, users don't need to sign up with an ISP to participate in such a network, and are only identifiable through their hardware. Even if a government were to outlaw the use of wireless P2P software, it would be difficult to enforce such a ban without a considerable infringement of personal freedoms. Alternatively, the government could outlaw the purchase of the wireless hardware itself. Protocols for wireless mesh networks are OLSR and the follow-up protocol B.A.T.M.A.N., which is designed for decentralized auto-IP assignment. See also Netsukuku.

Operation Titstorm

Operation Titstorm was a series of cyber attacks by the Anonymous online community against the Australian government in response to proposed internet censorship regulations. Australian Telecommunications Minister Stephen Conroy was the architect of the plan that would mainly filter sites with pornographic content. Various groups advocating an uncensored internet, along with web based companies such as Google and Yahoo!, object to the proposed filter.

The denial-of-service attack resulted in lapses of access to government websites on the 10th and 11th of February 2010. This was accompanied by emails, faxes, and phone calls harassing government offices. The actual size of the attack and number of perpetrators involved is unknown. It drew criticism from other filter protest groups. A spokesperson for Conroy said that the actions were not a legitimate form of protest and called it irresponsible. The initial stage was followed by small in-person protests on 20 February.


Background

The operation began as a protest responding to a plan by Australian Telecommunications Minister Stephen Conroy that would require internet service providers to block illegal and what the government deemed as "unwanted" content.[1] Websites to be blocked feature pornography showing rape, bestiality, child sex abuse, small-breasted women (who may appear under the legal age), and female ejaculation. Drawn depictions of such acts are included in the proposal.[2] The filter also includes gambling sites along with others showing drug use.[3] A leaked version of the proposed blacklist also showed sites that did not include adult content. The name "Operation Titstorm" was in reference to the material that would be censored.[4]

Google has questioned the proposal, saying the prohibitions would be too broad.[1][4] It is strongly opposed by free speech groups. A poll conducted by McNair Ingenuity Research for the Hungry Beast television program found that 80% of their 1000 respondents were in favor of the concept of the plan.[5] The survey also found that 91% were concerned about the government's intent to keep the list of filtered websites a secret.[6]

The Department of Defence's Cyber Security Operations Centre discovered the attack was coming on 5 February.[7] A statement released by Anonymous to the press two days before the attack said, "No government should have the right to refuse its citizens access to information solely because they perceive it to be 'unwanted'." It went on to read, "The Australian Government will learn that one does not mess with our porn. No one messes with our access to perfectly legal (or illegal) content for any reason."[8][9] Anonymous had previously garnered media attention with protests against Church of Scientology (Project Chanology) and the Iranian government.[10] In September 2009, Prime Minister Kevin Rudd's website was hacked in a similar protest to proposed internet censorship reforms.[5]

Attacks
On 10 February 2010, government websites were targeted by denial-of-service attacks. The Communications Department said the hackers had not infiltrated government security, but had instead swamped government computer servers.[5] Sites were left unavailable for sporadic periods throughout the attack. At one point, the Australian Parliament's website was offline for about 2 days due to the high volume of requests.[11] As a primary target, the Communications Department also received a large amount of traffic. Government offices were also flooded with e-mail spam, junk faxes, and prank phone calls.[2] The Prime Minister's homepage was vandalized with pornographic images.[8]

One cyber security expert described the attacks as “the equivalent of parking a truck across the driveway of a shopping centre”.[12] Reports of the actual size of the attack have varied. A firm marketing security technology said that the peak of the attack was a relatively low 16.84 megabits per second.[2] One writer described the 7.5 million requests per second that initially brought down the Parliament website as "massive".[1] The site usually only receives a few hundred per second.[9] It appears that botnets made up of compromised computers were not used.[2] Estimates of perpetrators involved have ranged from hundreds to thousands.[3][10]

Response
A spokeswoman for Conroy said such attacks were not a legitimate political protest. They were "totally irresponsible and potentially deny services to the Australian public".[13] The Systems Administrators Guild of Australia said that it "condemned DoS attacks as the wrong way to express disagreement with the proposed law."[14] Anti-censorship groups criticised the attacks, saying they hurt their cause.[10][13] A purported spokesperson for the attackers recommended that the wider Australian public protest the filter by signing the petition of Electronic Frontiers Australia.[15]

Anonymous coordinated a second phase with small protests outside the Parliament House in Canberra and in major cities throughout Australia on 20 February. Additional demonstrations were held at some of the country's embassies overseas.[14] This was dubbed "Project Freeweb" to differentiate it from the cyber attacks that were criticised by other protest groups.[16]

Several supporters of the attack later said on a messageboard that taking down websites was not enough to convince the government to back down on the internet filtering policy and called for violence. Others disagreed with such actions and proposed launching an additional attack on a popular government site. A spokesman for Electronic Frontiers Australia said he believed there was no real intention or capacity to follow through with any of the violent threats.

Password cracking

Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password (installing an entirely new password is less of a security risk, but it requires system administration privileges), to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crackable passwords. On a file-by-file basis, password cracking is used to gain access to digital evidence that a judge has allowed access to but where access to the particular file is restricted.


Prevention

The best method of preventing password cracking is to ensure that attackers cannot get access even to the encrypted password. For example, on the Unix operating system, encrypted passwords were originally stored in a publicly accessible file, /etc/passwd. On modern Unix (and similar) systems, on the other hand, they are stored in the file /etc/shadow, which is accessible only to programs running with enhanced privileges (i.e., 'system' privileges). This makes it harder for a malicious user to obtain the encrypted passwords in the first instance. Unfortunately, many common network protocols transmit passwords in cleartext or use weak challenge/response schemes.[1][2]

Modern Unix systems have replaced traditional DES-based password hashing with stronger methods based on MD5 and Blowfish.[3] Other systems have also begun to adopt these methods. For instance, the Cisco IOS originally used a reversible Vigenère cipher to encrypt passwords, but now uses md5-crypt with a 24-bit salt when the "enable secret" command is used.[4] These newer methods use large salt values which prevent attackers from efficiently mounting offline attacks against multiple user accounts simultaneously. The algorithms are also much slower to execute which drastically increases the time required to mount a successful offline attack.[5]
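The effect of per-user salts and a deliberately slow hash, as an added example that is not from the original page: it uses PBKDF2-HMAC-SHA256 from the Python standard library rather than the md5-crypt or Blowfish schemes named above, and the record format, the function names and the `MIN_ITERATIONS` floor are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

ALGO = "pbkdf2_sha256"
MIN_ITERATIONS = 600_000  # assumed policy floor; raise it as hardware gets faster


def legacy_unsalted(password: str) -> str:
    """Weak 'before' form: a fast, unsalted digest, shown only for contrast."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, iterations: int = MIN_ITERATIONS) -> str:
    """Store algorithm, cost and a random per-user salt next to the digest."""
    salt = secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{ALGO}${iterations}${salt.hex()}${dk.hex()}"


def _parse(record: str):
    algo, iters, salt_hex, dk_hex = record.split("$")  # ValueError if malformed
    return algo, int(iters), bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)


def verify_password(password: str, record: str) -> bool:
    try:
        algo, iters, salt, expected = _parse(record)
    except ValueError:
        return False
    if algo != ALGO or iters < 1:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iters)
    return hmac.compare_digest(dk, expected)  # constant-time comparison


def needs_rehash(record: str) -> bool:
    """True for legacy or malformed records and for costs below the floor."""
    try:
        algo, iters, _, _ = _parse(record)
    except ValueError:
        return True
    return algo != ALGO or iters < MIN_ITERATIONS


def login(db: dict, user: str, password: str) -> bool:
    """Verify, then upgrade a weak record while the plaintext is available."""
    record = db.get(user)
    if record is None or not verify_password(password, record):
        return False
    if needs_rehash(record):
        db[user] = hash_password(password)
    return True


def shared_records(db: dict) -> list:
    """Groups of users whose stored values are identical.

    With unsalted hashes these users share a password, and one guess by
    someone holding the file tests all of them at once."""
    groups = {}
    for user, record in db.items():
        groups.setdefault(record, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


if __name__ == "__main__":
    # Constructed sample accounts: two users happen to pick the same password.
    legacy = {u: legacy_unsalted("correct horse") for u in ("alice", "bob")}
    salted = {u: hash_password("correct horse", 1000) for u in ("alice", "bob")}
    print("unsalted duplicates:", shared_records(legacy))
    print("salted duplicates:  ", shared_records(salted))
    print("low-cost record flagged:", needs_rehash(salted["alice"]))
    print("login ok:", login(salted, "alice", "correct horse"))
    print("upgraded on login:", not needs_rehash(salted["alice"]))
```

Storing the iteration count in each record is what lets the cost be raised later without forcing a password reset.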

Solutions like a security token give a formal proof answer by constantly shifting the password. These solutions sharply reduce the time frame available for brute forcing (an attacker needs to break and use the password within a single shift), and they reduce the value of stolen passwords because of their short validity.

Software

There are many password cracking software tools, but the most popular[6] are Cain and Abel, John the Ripper, Hydra, ElcomSoft and Lastbit. Many litigation support software packages also include password cracking functionality. Most of these packages employ a mixture of cracking strategies, with brute force and dictionary attacks proving to be the most productive.