Abstract
Purpose – This paper concentrates on the comparison of security auditing tools specifying password cracking tools based on different matrices. Passwords are the most popular and dominant means of access control in every authentication process. Every password is vulnerable in the virtual world; all we can do is to delay it for one to break into us. Password cracking used in two opposite intentions; either it can be used for an administrator to protect from unauthorized access and for users to recover forgotten passwords or for an intruder to break into a secure system.Method – A great number of attacks on many systems are related to passwords. Awkwardly, the randomness and length of user-chosen passwords remain the same over time, but in contrast, hardware enhancement continuously gives intruders increasing computational power. So, password cracking has been one of the favorite vulnerable aspects for intruders to gain access to any unauthorized system. Among all available freeware password cracking tools, we choose five renowned tools based on offline and online categories.Results – Cain and Abel is the winner in the offline category, and TCH-Hydra is the winner in the online category in their performance among the tools we have tested.Conclusion – In this paper, the data has been collected by testing each tool several times in different systems as well as all tools in the same system based on different matrices. We have come to a knowledgeable result by comparing data among themselves. The results of the comparison will help in the adoption and usage of these tools and also promote the development and usage of security auditing tools.Recommendations – The results of the comparison will help in the adoption and usage of these tools and also promote the development and usage of security auditing tools.
Highlights
Security review and security audit is a critical and essential task to perform for all organizations
This paper concentrates on the comparison of security auditing tools specifying password cracking tools based on different matrices
We will mention this machine with the name “Computer 1,” and the other one has the configuration of Processor: Intel(R) Core(TM) 2 Duo CPU E7500 @ 2.93GHz (2 CPUs), ~2.92 GHz & Memory (RAM): 2048 MB
Summary
Security review and security audit is a critical and essential task to perform for all organizations. There are many password cracking tools available but among them, the popular ones are Cain & Abel, John the Ripper, Ophcrack, TCH-Hydra & Medusa (‘Password auditing – SecTools Top Network Security Tools’, n.d.). They mainly use brute force attack and dictionary attack to crack the password. Cain & Able: Cain & Abel (often abbreviated to Cain) is a password recovery tool for Microsoft Windows & created independently of Microsoft It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using a dictionary, brute-force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords, and analyzing routing protocols. Zhang et al analyzed different loud security auditing protocols and recommended that auditing mechanisms need to be designed to maintain trust and transparency within the cloud environment (Zhang, Wuwong, Li, & Zhang, 2010)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Computing Sciences Research
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
