Audit Oracle and UNIX Password Security

ElcomSoft, a leader in password recovery, has added support for Oracle and UNIX passwords to Elcomsoft Distributed Password Recovery v. 2.10. One weak password on an Oracle or UNIX/Linux computer can compromise the entire network. The latest version of ElcomSoft's Windows password recovery application makes it easy for system administrators to regularly audit all of the passwords on the network, including Oracle and UNIX passwords, to ensure that they comply with corporate security policies. By loading widely-available Oracle and UNIX system hashes into the application, administrators can identify weak passwords, and make appropriate corrections.

  • Share on TwitterShare on FacebookShare on Google+Share on LinkedInEmail a friend

Moscow, Russia (PRWEB) December 20, 2007

ElcomSoft, a leader in password recovery, has added support for Oracle and UNIX passwords to Elcomsoft Distributed Password Recovery v. 2.10.

One weak password on an Oracle or UNIX/Linux computer can compromise the entire network. The latest version of ElcomSoft's Windows password recovery application makes it easy for system administrators to regularly audit all of the passwords on the network, including Oracle and UNIX passwords, to ensure that they comply with corporate security policies. By loading widely-available Oracle and UNIX system hashes into the application, administrators can identify weak passwords, and make appropriate corrections.

The software also gives administrators a comprehensive solution for recovering passwords for files and systems when employees forget their Windows, Oracle, or UNIX passwords, or when they deliberately modify passwords in an effort to sabotage their companies.

For years, ElcomSoft's family of products has offered password recovery solutions for Microsoft products, including Office 97/2000/XP/2003/2007 documents, Adobe Acrobat PDF files, PKCS#12 certificates, LM/NTLM hashes used in Windows NT/2000/XP/2003 logon passwords, PGP private keys, PGPDisk, PGP Whole Disk Encryption, Microsoft Money and OneNote, Intuit Quicken, Lotus Notes ID files, and MD5 hashes.

Elcomsoft Distributed Password Recovery v. 2.10 now supports the additional tens of millions of UNIX users worldwide. All UNIX/Linux password hashing algorithms are supported, including Traditional DES, BSDi DES, Kerberos AFS DES, OpenBSD Blowfish, FreeBSD MD5, PHPass MD5, and Apache MD5.

In addition, the software now supports millions of Oracle users. Oracle dominates the relational database management systems (RDBMS) market. According to figures released earlier this year by Gartner, Inc., Oracle has a 47.1 percent (and growing) market share of the RDBMS market, with 2006 revenues of more than seven billion US dollars. ElcomSoft's new Oracle software works with both the old DES-based Oracle hash, and the new v11 SHA1-based hash.

Before Distributed Password Recovery, the most effective way to recover a lost password was to put the locked file on the fastest machine in the company, and use brute force to attack the password. Distributed Password Recovery lets you coordinate all of the unused computing power of every computer on your LAN or WAN, and use distributed processing to restore the lost password, which makes the brute-force attack very effective even for documents where strong encryption is being used.

Distributed Password Recovery installs "Agents" onto as many computers on the network as the user desires. Each of these Agents uses brute force to try to recover the lost password. The program ensures that these Agents work together, and combine their computing power to find the lost password. The more computing power available, the faster the recovery speed.

Another module of the program, the Console, is designed to manage the Agents. This solution is best for big enterprises with thousands of clients, when employees leave without un-protecting their mission-critical documents.

Distributed Password Recovery can be easily installed in enterprise networks with thousands of computers, and generates little traffic. The Agents work in the background without interfering with other programs. That is, they use the CPU only when it is in its idle state. An administrator can get a report about the work that is done. When a password is restored or a document is decrypted, the program informs the administrator by e-mail, and starts processing the next task. Using the Console, an administrator can also keep statistics.

Elcomsoft Distributed Password Recovery v. 2.10 runs on Windows 2000/XP/2003/Vista, and requires 13 MB of hard disk space on the server and 8 MB on every client. The program interface may be set to run in English, Russian, German, and Japanese. Prices begin at $599(US) for networks with up to 20 clients/Agents. For more information and a free trial version of Elcomsoft Distributed Password Recovery, please visit http://unix.elcomsoft.com.

About ElcomSoft Co.Ltd.:

Established in 1990, ElcomSoft Co. Ltd. provides state-of-the-art computer forensics tool development, computer forensics training, and computer evidence consulting services. Since 1997, ElcomSoft has been providing support to businesses, law enforcement, military, and intelligence agencies. ElcomSoft tools are used by most of the Fortune 500 corporations, many branches of the military all over the world, many foreign governments, and all major accounting firms. ElcomSoft and its officers are members of the Russian Cryptology Association and the Microsoft Business Connection program. ElcomSoft is a Microsoft Gold Certified Partner and an Intel Software Partner.

###


Contact

Attachments

EDPR screen shot

Screen shot of Elcomsoft Distributed Password Recovery console