18.104.22.168 Brute Force
In a Brute Force attack, muscle (in this case, CPU and/or network muscle) is applied to break through a particular security mechanism, rather than using particular intelligence or logic. Brute force is most commonly applied to password guessing, taking advantage of computer power available to an attacker, to try every possible password value, until the right one is found.
Even just a couple years ago, brute force was considered difficult due to the lack of lost cost processing capable of the sheer crunching power needed. Today, the AMD 2200XP processor costs less than $100 USD and the 3000XP (Morgan CPU) is shipping.
That puts the brute force method within reach of anyone. Rather than go on with the usual blah blah about strong passwords, we are encouraging you to follow the footnote to a free Brute-Force Password Cracking Simulator87. Play with this simulator and you will discover that, in general, the longer the password, the more difficult a brute force attack becomes. Note that password cracking techniques have improved considerably since this simulator was written. Real world password crackers today are much faster.
The simulator program is less than one megabyte in size and runs in Windows. Instead of actually attempting to crack a stored password, you just set the variables (including testing a real password) and it will calculate how long the brute force method takes. In one test Brute Force with a 1.5Ghtz processor would take 170 years, 309 days, 21 hours, 32 minutes, and 22 seconds to crack 4July1776. However, a dictionary password program would rip that same password almost instantly.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.