Password-cracking traffic

Password-cracking traffic can be detected by observing numerous error messages from a target host directed to a client that repeatedly and unsuccessfully attempts to log in. There are two general types of password cracking attempts:

• Dictionary attacks work from a list of common words, names, and numbers
• Brute force attacks use a sequence of characters, numbers, and key values

Both of these types are often thwarted by login security measures that lock out an account after a short number of failed login attempts.