Read Latest Entries..: (Post #11) by abhiram on Aug 6 2006, 03:02 AM. (Line Breaks Removed)
On another note, bruteforcing a password to Windows may be enhanced by using a large number of nodes, but bruteforcing email passwords is capped by the bandwidth and the response time of the website. The only way out would be to have different computers try different sets of combinations on the website simulataneously. So, the power of the computer you are using has no effect on the cracking. It i... read more.
A Program recently came to my attention in a news article concerning DoS Attacks. This program includes .def (Definition Files) for Bruteforcing common E-Mail Providers such as:
...and more! And Definition Files can be made easily by anyone who is able to view the Source Code of a login page and find the names of the Username and Password variables. All it takes is someone who knows your login name and has time to burn. So keep your E-Mail password long or use a more secure E-Mail provider, and it wouldn't hurt to keep your Account Name a secret too. Knowledge is power, the more you know about the potential problems the better they can be avoided!
Blocking and preventing brute force attacks is one of the main things you want to do on your web server to add a layer of security. While someone might not be targeting your site or server specifically, they will have automated tools that will try to guess random usernames and passwords that are common against your system. They’re essentially forcing their way to user only authorized area’s of a system, such as FTP accounts, e-mail accounts, databases, script based administration areas and root or any shell access are most common attempts. They will try multiple login attempts, guessing usernames and passwords, trying to force their way onto your machine.
Well, I currently use Gmail, so I guess I'm not on the worry list, yet. I also have a Hotmail account, but I don't use that anymore, so it's basically useless. On the other hand though, keeping passwords long definitely does make a difference. It's also better to have a combination of letters, numbers and symbols and not just something like "thisistheworstdayofmylife". Long, yes, but "ei-2404f-skl3fde" might be a lot harder to guess. At least brute force attacks are easier to avoid than certain other ones. Just keep your guard up. And there's a lot of argument about writing those long passwords down versus not making long passwords at all. Truth is, writing down is definitely a whole lot safer. Sure, some people might see it, but at least that's only the people who have direct access to your house. So it's a lot easier to monitor those people and change your password periodically accordingly. On the other hand, if someone remote manages to get your password...you're, well, stuck. It's a lot more dangerous. And of course, that means changing your password every so often as well.
Also, I remember reading somewhere (can't find the forum) that someone would make formulas for all their passwords so that it's easier to remember. For instance, take the word "tactics" and add my hotel room number of last year's vacation at the end, then shift the first letter forward one, the second letter backward one, so on. Of course, the more complicated the formula the better, but that means that each different account you have will have a different password, and you just need to write down the base word for each account and apply your memorized formula. That way, even if a person had access to your sheet of written passwords, they'd have a hard time figuring out your real password.
password length does not matter if the password security is using hashes.. on the long run.. it may also help since the program will need to generate longer password text..
-- there are alot of arguments on the password lengths and i have done an experiment..
when i posted my email address and put a challenge to crack the password.. my email with 36 character password got cracked while my other email with 3 letter password remain intact..
perhaps the generators assumes that the password will be more than 3 characters long
...use a more secure E-Mail provider, and it wouldn't hurt to keep your Account Name a secret too.
Yup, i would agree with Shrike. There is actually nothing much that you can do to prevent brute force attack on your password. That responsibility actually lies with the e-mail providers. Choosing difficult and long password is of no use if the e-mail providers do not detect failed login and banned/staggered the login for some time. I'm lazy to do the math here but it doesn't take too long to brute force a password using our fast and cheap computer.
I don't use web based email simply because it's slow and unreliable. I prefer setting up my own emails in my astahost hosting account and using them. Much more simpler and way more secure. Plus with onboard email spam checkers you can configure how you want, overall it's just easier for me.
I don't use web based email simply because it's slow and unreliable. I prefer setting up my own emails in my astahost hosting account and using them. Much more simpler and way more secure. Plus with onboard email spam checkers you can configure how you want, overall it's just easier for me.
-HellFire
I am with you, since the time I have got my first hosting account, I started using my host own created email address, the only web-mail I use is GMail, but in fact, I only use the pop3 service they offer with an email client, besides usually your host has a web-mail in CPanel, like squirrel mail But anyway, I totally agree with you, web-mail can only be useful for me when you're somewhere not near your computer
It isn't a good idea to try to bruteforce email sites, especially sites like Yahoo! and Hotmail. These sites get more than their share of people trying to force their way in. Also, I would guess that they've got security measures installed which detect whether a person from a particular IP is trying to force his way through ... like so many number of failed attempts within so much time. Your IP will be logged and the host will notify your ISP, if not report you to the police if you repeatedly attempt to get access.
Also, bruteforcing can take ages. Since most email providers require that you use a password that is atleast 6 characters long, allowing alphanumeric and special characters, IMO there's absolutely no good in trying to use a bruteforcer for getting access to an account.
agree with abhiram on this fact. usually bruteforcing is useless... but i wonder how the 36 char long password got cracked... ?
anyhow, in this age of distributed attacking, anyone can set up a hacking network that has more than 20 computers and whose sole purpose is to try different ranges of password values. definitely, even a 10 char pass will look like a few hours job.
apart from that, with 90% of people using win XP/98 its far more easier to get into a rival's system. just some social engineering required .
On another note, bruteforcing a password to Windows may be enhanced by using a large number of nodes, but bruteforcing email passwords is capped by the bandwidth and the response time of the website. The only way out would be to have different computers try different sets of combinations on the website simulataneously. So, the power of the computer you are using has no effect on the cracking. It is different from bruteforcing an md5 hashed password protected local file.
Hello, I know most of you know but for beginner its a very important information. Gmail can host
your mails and has many very good properties as you all know. I had a new domain and was looking for
a good mail serving service which will not cost too many and will work better. After alot of
research I found that gmail is offering to handle your mails for domain name holders. The link is
above www.google.com/a . You can apply for google to host your mails and google will also offer you
the properties of stardart users have (like chat, docs and talk etc.).. I am using it....
Hello all. Recently I have noticed that my older Sent emails are disappearing from Outlook Express.
Anytime a Sent email gets to be more than approximately 2 months old, it disappears from my Sent
box. I have no idea where these emails go, but I can't find them. This is extremely annoying,
since anytime I need to check or verify something I wrote in an email more than 2 months ago, I am,
as they say, "sh%& outta luck." As far as I know, I have not instructed Outlook to automatically
delete old Sent items. As far as I know, I haven't instructed Outlook Exp....
I have spam in my inbox sent to astahost. @spamgourmet.com. Only astahost got this address, and
it's not likely some chinese spammers guessed it either. Nor do I post it on any posts, nor is
it viewable on my profile here on the site. Was there a user db compromise or is someone selling
email addresses?....
Evening all Basically I use firefox rather than IE, however when I sign in on msn and it tells me
that I've got an email, if I click to receive my emails on the email icon of msn, it goes to my
inbox via IE Is there any way of changing this to open automatically in firefox? IE bugs me with
how slow it is and opening emails is a nightmare, but I can't find anywhere to change it If
not, I might have to start using outlook or something, 'cus it's doing my head in! ....
Is there any free mail servers? But decent one. I had a 25 hosts network and I want a free mail
server that supports some useful features for networks that size.....
Over the past week the talks of Microsoft buying Yahoo! has not diminished. Recently Slahsdot
(http://tech.slashdot.org/article.pl?no_d2=1&sid=08/04/07/236215) published a note that points to
both a Microsoft press release
(http://www.microsoft.com/Presspass/press/2008/apr08/04-05LetterPR.mspx) and the Yahoo! reply
(http://yhoo.client.shareholder.com/press/releasedetail.cfm?ReleaseID=303369). The bottom line is
that Yahoo! hasn’t said no, they just want more money. In my mind the simple fact that Microsoft
has not backed down after the initial offer means they will se....
First of all, if this is not the correct place for this topic please an Admin move it accordingly.
Recently i read at the PHPBuilder.com website this excelent article Preventing spam when using
PHP's mail function that explains in a very easy way how to avoid spammers send their spam from
your own server. Generally speaking, almost all websites includes some kind of contact form which
is used to send emails with the php mail() function, this contact form can be used for a lot of
purposes like for example to send comments or sugestions, to report problems on you....
Have you tried this at home or in your Office? Have you tried rebooting your system at least
60 times over and over again just right after Power on, Self-Test without loading the OS. I have
tried this at home! and guess what a 'development' my PC achieved! I want you to try it
first, and share it to me and to the forum. Let's compare what you've observed. ....
Does some one now of a good program to make htmail docs and maybe a link of help for the ht mail
doucments turotial because im new to this stuff and i will be desigening my web site for a while so
i got time to learn all this stuff if someone could help me i would really appericate and be
thankful to the help anyone gives me thanks....
Hey! I know I am asking alot. But much is happening theese days. Sorry if I disturb with my
questions. The thing I am trying to do is: Ex. If the user becomes level 2, he should get 5 skill
points. I can't do this: CODE if($userlevel=5){ mysql_query("UPDATE user SET skillpoints
=$points+5");} because then it would update everytime the code was loaded. I hope you understand
what I am trying to do. If not, tell me /smile.gif" style="vertical-align:middle" emoid=":)"
border="0" alt="smile.gif" /> and i'll try to explain better. Thanks //Feelay....
I'm so irritated with the amount of spam I get on the email accounts I have hosted at AstaHost.
It isn't the servers fault that I get so much junk mail! It wouldn't be so bad but my junk
mail filter on my home system doesn't scan IMAP accounts which I use since my email client
won't separate POP3 accounts properly. So I finally got to the point I had to do something!
I'm getting about 25 junk mail messages a day spread over 5 different email accounts. If I go a
few days without checking my email, I have a lot of work to do to clean out the ....
While there are simpler methods to send email notifications via SMS, I am having to use quite a few
of redirects. My mobile service provider (Reliance) does not allow SMS to be sent from the Internet
using the standard (CountryCode)+MobileNumber@yourserviceprovider.net I want to receive
notifications for my GMail account. So here's what I did:- 1. Setup E-Mail forwarding to my
Yahoo! account. 2. Use a custom version of Pika Bot to set up a Trigger which calls a method of an
external assembly along with the Mobile number and the message (Mail from Mail From: %LastMa....
Hi, I am trying to allow my program to send emails via a smtp server. Everything seems to be working
the only problem is that i get an error response from the server saying QUOTE The SMTP server
requires a secure connection or the client was not authenticated. The server response was: 5.7.0
Authentication required The Code that I am using is CODE Private Sub SendMail() Dim
fromAddress As New MailAddress("from@mail.com", "Support") Dim toAddress As New
MailAddress(txtEmail.Text, "User") Dim msg As New MailMessage(fromAddress, toAddress)....
My ISP is quite special. I have a cable 512k connection from them, but it's shared between 10
users and in addition they won't troubleshoot it for me if i have more than one computer
connected. No wonder the IT infrastructure is 4th rate here. Anyways, my problem is that I
can't open any web page whatsoever. It just returns a page not found. But if i type in the IP
address, the page loads fine. This is something I don't understand much about, and I'm not
getting any help from my service provider for the above mentioned reasons. Is this a software pro....
Yahoo has added Yahoo Chat to Yahoo Mail. In other words when you are browsing your e-mails, and if
some of your contacts are online you can chat with them. You are immediatly signed on yahoo chat,
when your yahoo mail turns on. And in the left panel, next to contacts it says 0 online or 3 online,
depends on how many of your contacts or online. Then you can just put your mouse over where it
says how many of your contacts are online, click and you can pick with who you want to chat with.
It is pretty amazing, and I think that Yahoo Mail is getting better and better.....
While the mail() function of php is all bout simplicity, it lacks the otherwise necessary
flexibility. How do I send an E-Mail using php through SMTP?....
Hi all, Please check whether you can send mail using php! /unsure.gif"
style="vertical-align:middle" emoid=":unsure:" border="0" alt="unsure.gif" /> I cant send mails
after the cPanel upgradation process! /unsure.gif" style="vertical-align:middle" emoid=":unsure:"
border="0" alt="unsure.gif" /> I dont know whats happened with that!! Is it for my account only or
all are having the same problem?? Please guys, check it now and confirm it! Im having phpbb forum
my site! It was working fine without any problem! But after cPanel upgradation, php mail is not
functioning ....
Can anyone here tell me how to send mail through SMTP server with php /mellow.gif"
style="vertical-align:middle" emoid=":mellow:" border="0" alt="mellow.gif" /> I have search in many
source code on web and cant find anything /sad.gif" style="vertical-align:middle" emoid=":("
border="0" alt="sad.gif" />....
I read the one mail() tutorial that was posted in the tutorial section and to my horror found that
he had quoted almost verbatim from the PHP Manual off php.net, and made a comment about it, and also
found that if you were new to PHP or the Manual that it was informative but not indepth enough for
my tastes. This is not a tutorial although with the code that will be posted it might look like
one, that is not its intent or purpose. I have searched and found many so called tutorials about
MIME mail and boundries and all that but basically it either told me to use PHPMai....
I do not know why, but at first I just couldn't get any mail to be sent using my mail account,
but now all mail is returned to the sender with the following error: QUOTE PERM_FAILURE: SMTP
Error (state 10): 550 message to verify they are valid." I need help immediately!!!....
I have not been able to send mail through my e-mail account. I have my own domain and my current
email settings are as follows: Incoming Mail: mail.vjgamer.com Outgoing Mail: mail.vjgamer.com
Account Name: vjgamer (This is my default account/cPanel name.) Password: Same as my cPanel Password
Outgoing Mail Server - My server requires authentication (Checked) Settings... - Use same
settings as incoming mail server I have checked my MX settings in my cPanel. It was set to
vjgamer.com, so earlier today I changed it to mail.vjgamer.com. This did not work, I am gettin....
Before proceeding further, I have to state that this shall serve purely as a non-exhaustive guide.
All information provided in this guide are a compilation of my research and personal experience with
the subject. There is no guarantee, whether stated or implied, that will propel it your sales and
marketing efforts to greater heights. As there are many aspects to look into, I guess I shall go
easy first .. by touching on some fundamentals principles of good e-marketing practices A good
e-mail marketing campaign should fulfill the following criteria:: Opt-in Based In ....
In response to this topic . G-Mail is currently still in the beta phase right now. You can right
now sign up for a Google Account to use with other services like Google Groups and Google Answers
but you can't sign up yourself to get a G-Mail account right now, you need to be invited. To
get an invite just sign up on isnoop.net 's G-Mail spooler ! Unbelievably there are currently
over 40,000 invites available!....
Anyone see the recent Discovery Channel special on Pompeii? Anyway, if you didn't here's a
brief...debrief: /biggrin.gif' border='0' style='vertical-align:middle' alt='biggrin.gif' />
In August of AD 79, Mt. Vesuvius in Italy erupted, burying nearby Roman cities such as Pompeii and
Herculaneum with as much as 20 feet of ash and pumace. There was complete devastation in a
three-mile radius around the volcano. Scientists speculate that Vesuvius erupts with this much
force about every 2000 years...so as you can see, they think it could very well happen aga....
I am just wondering what you would do to validate against an email address, basically I want to know
what Regular Expression you would use to check for a valid format. I've seen so many different
ways of doing it, some I can definitely say can produce wrong results, but I'm not saying mine
is perfect either, basically I want to perfect it. Here's what I have, I use PHP's function
eregi for this, so case is not important. CODE ^ +@ +\. +( ? +)* What I wanted to
achieve was the first character of any email address should be a letter if I'....
I recently came across this question, so I wanted to make a general record for this. QUOTE hi
dear feriend! i sent an email by my account(XXXXXXXX@XXXXXXX.com) to my feriend but it went to bulk
box . how i can solve these problem!? Best Regards! This happens when any user in the world
clicks your email and Clicks SPAM. Those providers automatically notify others about it too and
finally your email starts going to bulk. I think there is a list of spam email addresses and domains
which are maintained at some place where various email providers can access. When som....
Looking for bruteforcing, e, mail, addresses, happen
*SIMILAR VIDEOS*
Searching Video's for bruteforcing, e, mail, addresses, happen
Express your Opinions, Thoughts or Contribute your information that might help someone here.
Ask your Doubts & Queries to get answers.. "Together, We enlight each other!"
Register FREE for AD-FREE
forum, Create your own topics, Ask Questions, track topics, setup
subscriptions & notifications and Get a Free Website w/ Email and FTP.
?
.
