SANS ISC: Website Warnings - SANS Internet Storm Center SANS ISC InfoSec Forums
Website Warnings

We received an email today from a lady who runs a website that helps look for and locate missing children. She has been using Google Alerts to get the information out about the children they are trying to locate. Unfortunately someone compromised one of the links, and it was passing infections to those who visited the page. The lady was really disappointed and angry that someone would do something so awful to such a good cause.

Unfortunately this is happening more often than you realize.  Websites that are trying to improve our world, trying to help those who can't help themselves, business websites and social networking sites have all fallen victim to these bad players.

As I mentioned in my diary yesterday, we had a customer's website that was Gumblar'd. We disabled the website and changed the FTP and Admin password on the account. It was really a good thing that we did. I checked my logs this morning and sure enough, the perp that compromised the account must have discovered that his little BOT had died and was attempting to log in last night to revive it. Fortunately they were unable to, and now we have firewalled them so that they can't get to any of our servers again.

So this is just a word of warning. You can't be sure that you will not visit a website that has some malware embedded, so make sure you protect yourself. Make sure that you use a good anti-virus, make sure that you use a firewall, make sure that you use good, strong passwords and change them often. There are several sites on the Internet that will tell you how strong your passwords are. A couple that I have used are:

www.microsoft.com/protect/yourself/password/checker.mspx

www.securitystats.com/tools/password.php

We all need to do our part to minimize the damage done by the bad guys and try to help to teach our friends, relatives and neighbors to protect themselves as well.  To all of you that do, thanks a bunch.  You help to make our Internet a safer place for all.

Deb Hale Long Lines, LLC

Deborah

ISC Handler
The password test over at securitystats.com makes me a bit confused.

If you check the password "abc" the test says mid-strength.
"12345678" gets half of the strength the "abc" got.

"abc" = 36^3 = 46.656 possible combinations

"12345678" = 36^8 = 2.821.109.907.456 (!) possible combinations

(special characters excepted)

So where's my error in reasoning?
Anonymous
Password strength is usually taken to be the entropy: L * (Log N / Log 2) where L is the length and N the number of symbols.

"abc" => 3 * (Log 52 / Log 2) = 17.1 (assuming alpha symbols only)

"12345678" = 8 * (Log 10 / Log 2) = 26.6 (assuming numeric symbols only)

I guess the site is using its own scoring mechanism.
Damien

To which of course - both of those websites are NOT https and therefore not secure. Now, go change your passwords again ;)
Jason

According to Microsoft - Ye%s4e - is a weak password. Thanks, Microsoft.

Using your formula.

"Ye%s4e" => 6 * ( Log (26+26+10+28) / Log 2 ) = 39.0 (assuming 26 upper alpha, 26 lower alpha, 10 digits, and ~!@#$%^&*()-=+_\][{}/<>?'";: as allowed symbols).
Jasey

Two interesting links:
Both think this is very strong: Absalon06
Both think this is weak: c196e35a5fd79622f878c3edca77ff5b

And more surprising both think Microsoft.com is strong as a password.

Does anybody know about a place to make a valid test of password strength?
Sten

You can also try this site to test your password: passwordmeter.com

According to this site, Absalon06 and the hex string are just "strong".
Guy

ISC Handler
Thanks, this is better but far from good:

Absalon06 --> 60%
Absalon06-- --> 82%
Absalon06---- --> 0% (very weak)
ae345ge3r5789654 is very weak!
ae345ge3r57896 is strong!

It seems that evaluating password strength is a challenge.
Sten

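Damien's entropy rule (L * log2 N) and Jasey's 90-symbol alphabet, applied to the passwords this thread discusses, as an added Python example that is not part of the original discussion. Beside the character-class figure it also computes the entropy of how each password was plausibly produced, which is what a meter would need to know to rate Absalon06 and the hex string sensibly; the 100,000-word list and the per-password generation models are assumptions.

```python
import math
import string

# Character classes used to size the alphabet N in Damien's formula,
# entropy = L * log2(N). The 28 symbols are the ones Jasey listed.
SYMBOLS = "~!@#$%^&*()-=+_\\][{}/<>?'\";:"
CLASSES = (
    (set(string.ascii_lowercase), 26),
    (set(string.ascii_uppercase), 26),
    (set(string.digits), 10),
    (set(SYMBOLS), 28),
)

def class_entropy_bits(password: str) -> float:
    """Character-class estimate: length times log2 of the combined size of
    every class the password touches, as in the thread's calculations."""
    n = sum(size for members, size in CLASSES if any(c in members for c in password))
    return round(len(password) * math.log2(n), 1) if n else 0.0

def generation_entropy_bits(choices_per_step) -> float:
    """Entropy of the process that produced the password: the sum of
    log2(choices) over each independent choice the user actually made."""
    return round(sum(math.log2(k) for k in choices_per_step), 1)

# Passwords from the thread, each paired with a constructed (assumed) model
# of how it was most likely produced. WORDLIST is an assumed dictionary size.
WORDLIST = 100_000
THREAD = {
    "abc":       [26] * 3,             # three random lowercase letters
    "12345678":  [1],                  # the obvious digit run: one guess
    "Ye%s4e":    [90] * 6,             # six random picks from Jasey's 90 symbols
    "Absalon06": [WORDLIST, 2, 100],   # a word, a capital letter, two digits appended
    "c196e35a5fd79622f878c3edca77ff5b": [16] * 32,  # 32 random hex digits
}

def compare(password: str) -> tuple[float, float]:
    """Return (class-rule bits, generation-model bits) for a thread password."""
    return class_entropy_bits(password), generation_entropy_bits(THREAD[password])

if __name__ == "__main__":
    for pw in THREAD:
        cls, gen = compare(pw)
        print(f"{pw:34} class rule {cls:6.1f} bits   as generated {gen:6.1f} bits")
```

The class rule credits Absalon06 with about 54 bits although a word plus two digits is worth about 24, and it gives the random hex string 165 bits where 128 is the honest figure; neither matches the "very strong" and "weak" verdicts reported above, which is the point Sten makes.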
