Re: cached passwords
From: Bronek Kozicki (brok@rubikon.pl)Date: 07/26/01
- Previous message: H C: "RE: Trace of 139 attack?"
- In reply to: tbos1@sears.com: "cached passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <00c801c115be$d7b0c3e0$c503a8c0@waw.getin.pl> From: "Bronek Kozicki" <brok@rubikon.pl> To: <tbos1@sears.com>, <focus-ms@securityfocus.com> Subject: Re: cached passwords Date: Thu, 26 Jul 2001 12:36:30 +0200
> When a users logs into a NT machine, I was under the impression that the
> user profile is cached locally. If this is the case, the password must
> also be stored locally somewhere besides the SAM database. Can anyone
> confirm this and know if there is a way to secure this (providing there is
> a way to access the password).
easiest would be to disable caching, here's how you can set it in registry:
--- begin
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"CachedLogonsCount"="0"
--- end
Regards
B.
- Previous message: H C: "RE: Trace of 139 attack?"
- In reply to: tbos1@sears.com: "cached passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
