Password Guessing A PROGRAM DESIGNED TO "GUESS" A USER'S PASSWORD CAN TRY THOUSANDS OF POSSIBILITIES. THE OBVIOUS ONES: USER'S NAME USER'S INITIALS EMPTY PASSWORD . . . THE LIKELY ONES ALL THE WORDS IN SOME ON-LINE DICTIONARY IF THE ATTACKER CAN OBTAIN A COPY OF THE (ENCRYPTED!) PASSWORD, NO EVIDENCE OF THE EFFORT NEED BE VISIBLE.

The Web: Technologies and Techniques Links to other course pages: CS 105 Home Page CS 105 Lecture Schedule CS 105 On-line Discussion Group: All discussions Discussion relating to this lecture topic Williams College Department of Computer Science

This page is part of a section of lecture slides related to " The Internet Worm " within the topic "Computer Security: A Case Study?". Other slides within this section and other sections of slides for the topic "Computer Security: A Case Study?" can be accessed using the links below. Paranoia Raising Some Sample Security Problems The Internet Worm The Internet Worm What was "The Worm"? Finding Machine Names How the Worm Broke in Password Guessing The SENDMAIL "Trap Door" The Finger Server Bug Computer Memory Organization Computer Memory and Program Variables Memory Overflow The Finger Bug It Couldn't Happen Again! Could it?