Monday, January 7, 2013

Cisco type 5 encryption (MD5) is not strong enough to secure passwords on the configuration file

The salt is put on top of the password string. That means it's quite easy to make a rainbow table for it or simply try every possibilities. You see the importance in storing the configuration file in a secure manner (with an access control and an encryption) when the configuration file is stored out of the box. Remember, there is no mechanism protecting passwords from a massive amount of attempt.

Decrypting Cisco type 5 password hashes

Interesting reading:
25-GPU cluster cracks every standard Windows password in <6 hours