Homework 2 - Computer Security

Due:     Friday, September 17, 2004 @ 5 PM

Book Problems [10 pts each]

1.3, 1.12, 1.19

Practical Work [20 pts / file - 3 total files]

Using a cracking tool of your choosing, try to crack as many passwords as possible from the following password files:

 

Password File 1
Password File 2
Password File 3

In your solution set, list the filename, the total number of passwords cracked, and a listing of user / password in a tabular or tabbed format.  Please list the utilities used, the type of computers/OS, and an approximation of the amount of CPU time (total employed).

passwd1     2 passwords

NotreDame   irish

login       login

passwd2     1 password

striegel    striegel

passwd.demo 0 passwords

Utility:    John The Ripper

Computer:   1x    Itanium2 @ 900 MHz,    RedHat Adv Workstation 2.1

CPU Time:   0h 0m 2 sec

(Hint: None of these passwords are really in the files listed above)

 

Help on installing John the Ripper under UNIX

Your score for each of the files will be based on how many passwords you got versus the maximum number of passwords cracked (i.e. if you get 8 and the maximum number cracked for the file is 12, you get 8/12 * 20 = 13.33 points).

Follow-up [5 pts]

Based on your experience with the various cracking tools, what characteristics make a password much more difficult to crack?