Re: Read Only Access For Telnet

From: Larson, Chris (CLarson@xxxxxxxxx)
Date: Fri Aug 30 2002 - 09:57:20 GMT-3


I have Solar Winds Engineering edition and it definitely does not crack MD5
hashes if this is what was implied.

It would be very difficult to get a secret password from a config. At least
for you and me and probably a good portion of the world population, but it
can definitely be done. If you use a known string to produce a hashed output
that is the same as the output in the config, this is known as a collision
and is totally possible to achieve. This would not mean that the underlying
strings are the same, but the result of the collision could be used to
compute the string within the config.

This was done in 1995 or 1996 by Hans Dobbertin of a German security agency.
Dobbertin has been able to calculate a collision, or to find two inputs
that, through MD5, generate the same output. He calculated this collision
with only 10 hours on a personal PC.

On the good side, MD5 with HMAC has not been broken and it is considered
"computationally infeasible" to do so.

----- Original Message -----
From: "Graham, John" <john.graham@cgey.com>
To: "'Volkov, Dmitry (Toronto - BCE)'" <dmitry_volkov@ca.ml.com>; "Graham,
John" <john.graham@cgey.com>; "'Owens, Michael'" <Michael.Owens@FMR.COM>;
"'Wright, Jeremy'" <JA_WRIGHT@admworld.com>; <security@groupstudy.com>
Cc: <ccielab@groupstudy.com>
Sent: Friday, August 30, 2002 7:48 AM
Subject: RE: Read Only Access For Telnet

> Sorry. My bad.
>
> Wrong link.
>
> www.solarwinds.net/Tools/Cisco_Networking/Password_Decryptor/
>
> -----Original Message-----
> From: Volkov, Dmitry (Toronto - BCE) [mailto:dmitry_volkov@ca.ml.com]
> Sent: 30 August 2002 12:46
> To: 'Graham, John'; 'Owens, Michael'; 'Wright, Jeremy';
> 'security@groupstudy.com'
> Cc: 'ccielab@groupstudy.com'
> Subject: RE: Read Only Access For Telnet
>
>
> >
> >
> > -----Original Message-----
> > From: Graham, John [mailto:john.graham@cgey.com]
> > Sent: Friday, August 30, 2002 5:11 AM
> > To: 'Owens, Michael'; 'Wright, Jeremy'; 'security@groupstudy.com'
> > Cc: 'ccielab@groupstudy.com'
> > Subject: RE: Read Only Access For Telnet
> >
> >
> > They obviously haven't done a web search then.
> >
> > http://www.kazmier.com/computer/cisco-noswing.html
>
> !!!!! This decrypts only Level 7 passwords.
> !!!!! This doesn't decrypt passwords encrypted with "enable secret" command
>
> > -----Original Message-----
> > From: Owens, Michael [mailto:Michael.Owens@FMR.COM]
> > Sent: 28 August 2002 16:51
> > To: 'Wright, Jeremy'; 'security@groupstudy.com'
> > Cc: 'ccielab@groupstudy.com'
> > Subject: RE: Read Only Access For Telnet
> >
> >
> > The best way to solve this would be to use ACS with a TACACS+ database
> > utilizing AAA.
> >
> > The quickest way is to just use the enable secret command. The Cisco
> > decryption programs will not decrypt passwords set with the enable secret
> > command. The enable password command should no longer be used. Use the
> > enable secret command for better security. The only instance in which the
> > enable password command might be tested is when the device is running in a
> > boot mode that does not support the enable secret command.
> >
> > Enable secrets are hashed using the MD5 algorithm. As far as anyone at
> > Cisco knows, it is impossible to recover an enable secret based on the
> > contents of a configuration file (other than by obvious dictionary attacks).
> >
> > Michael C. Owens
> >
> > -----Original Message-----
> > From: Wright, Jeremy [mailto:JA_WRIGHT@admworld.com]
> > Sent: Wednesday, August 28, 2002 9:42 AM
> > To: 'security@groupstudy.com'
> > Cc: 'ccielab@groupstudy.com'
> > Subject: Read Only Access For Telnet
> >
> >
> > I have a remote location that is needing read only access to my router. I
> > know you can decrypt the encrypted password in the show run and I want to
> > eliminate the possibility of them doing that. What is the best way to
> > accomplish this?
> >
> > ************************
> > Jeremy Wright
> > Network Analyst
> > Archer Daniels Midland
> > ja_wright@admworld.com
> > (217)451-4063
> >
> > ************************
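A defender-side check for the point the thread keeps coming back to, namely what a viewer of "show run" can recover, as an added example that is not code from any of the posters: it scans a constructed sample IOS running-config and flags credentials stored as cleartext or reversible type 7, notes type 5 enable secret hashes as still open to offline dictionary attacks, and reports when no enable secret is configured at all. The config syntax assumed is the standard IOS form quoted in the thread; all password values and hashes in the sample are dummies.

```python
import re
from dataclasses import dataclass

# Constructed sample running-config (not from the thread); the hash and type 7 values are dummies.
SAMPLE_CONFIG = """\
hostname edge-rtr
service password-encryption
enable password 7 094F471A1A0A
username ops privilege 1 password 7 070C285F4D06
username admin secret 5 $1$abcd$0123456789abcdefghijkl
line vty 0 4
 password cisco123
 login local
"""
# "<keyword> [type] <value>" as it appears in "show run" for enable, username and line passwords.
CRED_RE = re.compile(r"\b(enable password|enable secret|password|secret)(?:\s+(\d+))?\s+(\S+)\s*$")

@dataclass
class Finding:
    line_no: int      # 1-based line in the config, 0 for config-wide findings
    severity: str     # "high", "medium" or "info"
    message: str

def audit_config(config: str) -> list[Finding]:
    """Flag credentials a read-only viewer of 'show run' could recover or attack offline."""
    findings: list[Finding] = []
    has_enable_secret = False
    for n, line in enumerate(config.splitlines(), start=1):
        m = CRED_RE.search(line)
        if not m:
            continue
        keyword, ptype, _value = m.groups()
        if keyword == "enable secret":
            has_enable_secret = True
        if ptype in (None, "0"):
            findings.append(Finding(n, "high", f"{keyword}: stored in cleartext"))
        elif ptype == "7":
            findings.append(Finding(n, "high", f"{keyword}: type 7 is a reversible encoding, not a hash"))
        elif ptype == "5":
            findings.append(Finding(n, "info", f"{keyword}: type 5 MD5 salted hash, still subject to offline dictionary attacks"))
        else:
            findings.append(Finding(n, "medium", f"{keyword}: unrecognised type {ptype}, review manually"))
    if not has_enable_secret:
        findings.append(Finding(0, "high", "no 'enable secret' configured; 'enable password' alone guards privileged mode"))
    return findings

if __name__ == "__main__":
    for f in audit_config(SAMPLE_CONFIG):
        print(f"line {f.line_no or '-'}: [{f.severity}] {f.message}")
```

Note that `service password-encryption` only turns cleartext into type 7, so the sample still produces high findings for every `password 7` line.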



This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:48:42 GMT-3