• Subject: RE: AS/400 on alt.hacker
  • From: "Dan Bale" <dbale@xxxxxxxxxxx>
  • Date: Tue, 21 Sep 1999 12:39:48 -0400



Ed,

Thanks for the post.  I had not seen this before, so this was news to me.

I, and I think others on this list, are waiting to see if anyone takes up the
"challenge" of cracking the AS/400 user ID and password, as offered by Leif(?).
How high do you think IBM would jump if this were accomplished?

But you got me thinking about using Remote Client Access to connect to an AS/400
through an ISP from home.  From what I understand, this is all unencrypted, so
anyone using "packet capture software" should be able to pick up my user ID and
password with little difficulty.  However, how will anyone know to "capture"
_my_ connection?  Would the person capturing be "sitting/waiting" on the
AS/400-side of the transmission or would he have to be monitoring my end of the
connection?  If the latter, what are the chances that someone would know that I
do this?  It's not like I put a sign out in front of my house advertising this
fact.  I do an awful lot of surfing, so a "cracker" would have to have a pretty
boring life waiting around for me to connect to our AS/400 from home.

- Dan Bale

____________________ Original Message ______________________

I have not seen this info posted here, if I am repeating someone else I
apologize.

There is software called l0phtcrack.  This software can obtain most
passwords on an NT domain within 60 seconds if the user can access the
registry, sams file, or password file.  It can obtain passwords by just
listening on the network without signing on by using SBM packet capture.

What does this matter on the AS/400?  If you are like many organization,
your users have the same password on the network as the AS/400.  If a hacker
can hack at a weaker NT platform for a password, he can usually use it on
more secure platforms such as the AS/400.

The site is at http://www.l0pht.com/

In some cases the AS/400 is easier to capture passwords on.  If you are
using Telnet, FTP, or using a router such as NetSoft Elite, or NetWare SAA
to connect to the AS/400, then your passwords are probably going over the
wire without any encryption.  I have successfully captured user ID's and
Password by using a packet capture software.  The capture is in ASCII
format, so I convert it to EBCDIC and I have the user ID/Password.

PS:I am involved in securing my network, not in breaching others.





+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.