In fact, Mendax had
penetrated Telecom's systems from NorTel's CORWAN, not the other way
round.
Perhaps to prove the point, Mendax decided to crack passwords to the
NorTel system. He collected 1003 password files from the NorTel sites,
pulled up his password cracking program, THC, and started hunting
around the network for some spare computers to do the job for him. He
located a collection of 40 Sun computers, probably housed in Canada,
and set up his program on them.
THC ran very fast on those Sun4s. The program used a 60000 word
dictionary borrowed from someone in the US army who had done a thesis
on cryptography and password cracking. It also relied on `a
particularly nice fast-crypt algorithm' being developed by a
Queensland academic, Eric Young. The THC program worked about 30 times
faster than it would have done using the standard algorithm.
Using all 40 computers, Mendax was throwing as many as 40000 guesses
per second against the password lists. A couple of the Suns went down
under the strain, but most held their place in the onslaught. The
secret passwords began dropping like flies. In just a few hours,
Mendax had cracked 5000 passwords, some 100 of which were to root
accounts.
Pages:
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533