Industry guru Dave Taylor answers free tech support questions about a wide variety of business and technical topics, including blogging, Google AdSense, MySpace, Sony PSP, Apple iPod, Mp3 players, management, Linux, SEO, Mac OS X, Facebook, Twitter, LinkedIn and Microsoft Windows.

What's a dictionary attack?

Dave, our IT people just sent out a note warning about "dictionary attacks" on our server, but I really have no idea what a dictionary attack is. Can you enlighten me?


Dave's Answer:

The first time I heard this phrase, I have to admit that I had visions of mad academics chasing after innocent people, hurling weighty tomes and yelling obscure and polysyllabic imprecations, but it turns out that a dictionary attack is much more plebeian and mundane.

There are really two different kinds of dictionary attacks that I know of, so let's start with the simpler. Hackers know well that most people do a terrible job of picking passwords, so if they can figure out what account names to try, they can use a program to automatically try thousands of different possible passwords to break into accounts remotely.

For example, if you were to look at my email and determine that my account name is taylor and that my server was intuitive.com, then you could ostensibly feed a dictionary of, say, common names into such a program and have it try to log in to my server with each one, from Aaron to Zebediah, hoping that I have a simple password.

That's a login dictionary attack.

The other, perhaps more common, dictionary attack is one that spammers use: if you know that my mail server is intuitive.com and that email addresses are simply something at that domain name, then one brute-force way to figure out which email addresses are valid on my server is to send a message to every possible address and see which ones bounce.

That's an email dictionary attack.

Anyway, when your IT people are talking about dictionary attacks, you should read that as a reminder to make sure you have good, complex passwords and that you should not have a mail system with "catch all" addresses, where any mail sent to an unknown destination gets automatically delivered.
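As an added example (not part of the original article), here is a small log check a server administrator could run to spot both kinds of dictionary attack described above: many failed logins against one account from one source, and one source probing many nonexistent mail addresses. It assumes sshd-style and Postfix-style log messages; the sample lines, addresses, function names and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed formats: sshd-style failed logins and Postfix-style unknown-recipient rejects.
FAILED_LOGIN = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+)")
UNKNOWN_RCPT = re.compile(r"reject: RCPT from \S*\[([^\]]+)\]: 550 .*?<([^>]+)>.*User unknown")

def find_dictionary_attacks(lines, login_threshold=5, rcpt_threshold=5):
    """Scan log lines and return (login_alerts, harvest_alerts).

    login_alerts:   {(source_ip, account): failed_login_count}
    harvest_alerts: {source_ip: count_of_distinct_unknown_recipients}
    Counts cover the whole input; a production check would also window by time.
    """
    failures = defaultdict(int)
    unknown = defaultdict(set)
    for line in lines:
        if m := FAILED_LOGIN.search(line):
            account, source = m.groups()
            failures[(source, account)] += 1
        elif m := UNKNOWN_RCPT.search(line):
            source, rcpt = m.groups()
            unknown[source].add(rcpt.lower())  # distinct addresses, not retries
    login_alerts = {k: n for k, n in failures.items() if n >= login_threshold}
    harvest_alerts = {s: len(r) for s, r in unknown.items() if len(r) >= rcpt_threshold}
    return login_alerts, harvest_alerts

def sample_log():
    """Constructed sample: one password guesser, one address harvester, one honest typo."""
    lines = [
        f"Jan 10 03:12:{i:02d} host sshd[811]: Failed password for taylor "
        f"from 203.0.113.5 port {40000 + i} ssh2"
        for i in range(6)
    ]
    lines += [
        "Jan 10 04:00:00 host postfix/smtpd[902]: NOQUEUE: reject: RCPT from "
        f"unknown[198.51.100.7]: 550 5.1.1 <{name}@example.com>: Recipient address "
        "rejected: User unknown in local recipient table"
        for name in ("aaron", "abby", "adam", "alice", "zach", "zebediah")
    ]
    # A single mistyped password followed by a success should not raise an alert.
    lines.append("Jan 10 09:30:00 host sshd[950]: Failed password for taylor from 192.0.2.44 port 51000 ssh2")
    lines.append("Jan 10 09:30:09 host sshd[950]: Accepted password for taylor from 192.0.2.44 port 51000 ssh2")
    return lines

if __name__ == "__main__":
    logins, harvesting = find_dictionary_attacks(sample_log())
    print("login dictionary attack:", logins)
    print("email dictionary attack:", harvesting)
```

A mail server with a catch-all address never produces the "User unknown" rejections, so the second check only has something to count once unknown recipients are refused.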



© 2002 - 2008 by Dave Taylor. All Rights Reserved.
