I am not a hacker, But...

  • Thread starter Thread starter C.Lynch
  • Start date Start date
C

C.Lynch

My CFO ask me if there is a way for someone that is a
user on our network to get into other user's machine? I
have tried this by just typing //192.168.1.2/admin$ and
it does ask for a username and password. Is this easy to
break? What is the best way to test our user's passwords
to see if they are good enough? thanks for any help..


Chris.
 
C.Lynch said:
My CFO ask me if there is a way for someone that is a
user on our network to get into other user's machine? I
have tried this by just typing //192.168.1.2/admin$ and
it does ask for a username and password. Is this easy to
break? What is the best way to test our user's passwords
to see if they are good enough? thanks for any help..


Chris.
Click to expand...



Try C$ or IPC$ (Use a blank uid/passwd with the IPC$ share from a DOS box
and Net use)

You might also want to read this
http://home.att.net/~lohkee/password_cracking_scams.htm

Lohkee!
 
What platforms are you running? What is your password policy? What
services are running on your workstations and servers? What network
authentication protocols are you running?

From a technical standpoint, there is really no point in testing users
passwords, if a good password policy is enforced. How likely are your users
to share passwords?
 
Back
Top