Saturday, August 13, 2005

Dictionary attack

A dictionary attack is a method of breaking a password-based authentication system by trying a huge set of dictionary words. Usually an automated program tries out a list of common passwords and/or usernames in combination until it gains access to the target system.

Some hacker sites allow you to download dictionaries for such attacks. They contain massive lists of words used in a particular language. Don't think that you can get away with using a word from your native language as a password. I've seen dictionaries for pretty much every language out there. That is why some sites, or even your corporate security policy, don't allow you to use simple words as passwords. They mandate the use of a combination of alphanumeric and special characters for passwords.

Some moron has been trying to get into my server with a dictionary attack method. Here is the list of usernames that have been tried so far: dictionary-attack.txt. Notice that the hacker has tried the combination of username "root" and password 909 times!!!
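A tally like the one described above can be pulled from the authentication log. The following is an added example, not code from the original post: it assumes the server is an OpenSSH daemon writing the usual syslog "Failed password" lines, the sample log is constructed, and the function names and thresholds are hypothetical.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in OpenSSH syslog format (not taken from the post).
SAMPLE_LOG = """\
Aug 13 03:12:01 host sshd[411]: Failed password for root from 203.0.113.7 port 4101 ssh2
Aug 13 03:12:03 host sshd[412]: Failed password for root from 203.0.113.7 port 4102 ssh2
Aug 13 03:12:05 host sshd[413]: Failed password for invalid user admin from 203.0.113.7 port 4103 ssh2
Aug 13 03:12:07 host sshd[414]: Failed password for illegal user test from 203.0.113.7 port 4104 ssh2
Aug 13 03:12:09 host sshd[415]: Failed password for invalid user oracle from 203.0.113.7 port 4105 ssh2
Aug 13 08:30:11 host sshd[502]: Failed password for alice from 198.51.100.20 port 5222 ssh2
Aug 13 08:30:19 host sshd[502]: Accepted password for alice from 198.51.100.20 port 5222 ssh2
"""

# Older sshd releases log "illegal user", newer ones "invalid user";
# existing accounts are logged with neither prefix.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:(?:invalid|illegal) user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def summarize(log_text):
    """Return (failures per username, failures per source, usernames per source)."""
    per_user = Counter()
    fails_by_ip = Counter()
    users_by_ip = defaultdict(set)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue  # accepted logins and unrelated lines are ignored
        per_user[m["user"]] += 1
        fails_by_ip[m["ip"]] += 1
        users_by_ip[m["ip"]].add(m["user"])
    return per_user, fails_by_ip, users_by_ip

def suspected_sources(log_text, min_failures=5, min_users=3):
    """Sources with many failures spread over several usernames.
    Thresholds are illustrative assumptions; a single user mistyping a
    password fails the min_users test and is not flagged."""
    _, fails_by_ip, users_by_ip = summarize(log_text)
    return sorted(ip for ip, n in fails_by_ip.items()
                  if n >= min_failures and len(users_by_ip[ip]) >= min_users)

if __name__ == "__main__":
    per_user, _, _ = summarize(SAMPLE_LOG)
    for user, n in per_user.most_common():
        print(f"{n:5d}  {user}")
    print("suspected sources:", suspected_sources(SAMPLE_LOG))
```

Flagged sources can then be fed to a rate limit or block list, and the per-username counts show which account names should never be allowed to log in with a password.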

