RE: question regarding SAM file / l0phtcrack / pwdump2
From: Erik Birkholz (erik@foundstone.com) Date: 12/20/01
- Previous message: Nuno Martins: "VNC over SSH"
- Maybe in reply to: Mike Shaw: "question regarding SAM file / l0phtcrack / pwdump2"
- Next in thread: calyth: "Re: question regarding SAM file / l0phtcrack / pwdump2"
- Next in thread: mike.borkin@gm.com: "RE: question regarding SAM file / l0phtcrack / pwdump2"
- Reply: calyth: "Re: question regarding SAM file / l0phtcrack / pwdump2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Erik Birkholz <erik@foundstone.com> To: 'H C' <keydet89@yahoo.com>, Evan Mann <emann@questinc.org>, focus-ms@securityfocus.com Date: Wed, 19 Dec 2001 16:32:20 -0800
HC and Evan,
I agree. To take that further, why not create an AD group policy that
forces out auditing, password length, complexity, history, age, account
lockout, etc. to all your servers?
For more information on this and a week of Mardi Gras, why not check out
BlackHat Windows in February?!?
This topic will be discussed by Rooster
http://www.blackhat.com/html/win-usa-02/win-usa-02-spkrs.html#Raymond%20Forbes
and our very own Focus-MS member, Laura Robinson
http://www.blackhat.com/html/win-usa-02/win-usa-02-spkrs.html#Laura%20A%20Robinson
-Erik B
*********************************************
* Erik Pace Birkholz, CISSP, MCSE
* Principal Consultant
* Foundstone National Attack & Penetration Team
* http://www.hackingexposed.com/win2k/auths.html
-----Original Message-----
From: H C [mailto:keydet89@yahoo.com]
Sent: Wednesday, December 19, 2001 12:24 PM
To: Evan Mann; focus-ms@securityfocus.com
Subject: RE: question regarding SAM file / l0phtcrack / pwdump2
> So now that I see for my own eyes what a joke it would be to get into my
> network with a simple SAM dump, what advice do you offer for fixing these
> problems?
I see what you mean, particularly if your (or any
other administrator's) password is included in that
first batch of 75%. After all, isn't admin access
required to dump the SAM?
> Yes, 95% of the users' passwords are < 8 characters, and many of them are
> either all numbers or all words. So I see one easy way is to make a minimum
> length of 8-10 chars with a combo of letters/#'s.
>
> What else?
Why not follow some of the simple steps put forth by
Microsoft in the first place? I didn't catch if you
were on NT or 2K (late to the thread, sorry), but what
about installing PASSFILT.DLL on your systems, setting
minimum password lengths, enabling password histories,
enabling auditing, etc.? Ntsecurity.nu has
'strongpass.dll' which can enhance the restrictions on
passwords even further.
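As an added illustration of the filter rules HC mentions (my own code, not anything from the thread, from PASSFILT.DLL or from Microsoft), here is a Python model of a PASSFILT-style password filter: a configurable minimum length (8 here, as the thread suggests), at least three of four character classes, and no account-name or full-name part inside the password. The sample accounts and candidate passwords are constructed to mirror the thread's description of mostly short, all-digit or all-letter passwords.

```python
import re

# Delimiters a PASSFILT-style filter uses to split the full name into parts.
NAME_DELIMS = re.compile(r"[,\.\-_ #\t]+")


def character_classes(pw: str) -> int:
    """Count the character classes present: upper, lower, digit, other."""
    return sum([
        any(c.isupper() for c in pw),
        any(c.islower() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ])


def name_parts(username: str, full_name: str) -> list[str]:
    """Account name plus every full-name token of three or more characters."""
    parts = [username.lower()]
    parts += [p.lower() for p in NAME_DELIMS.split(full_name) if len(p) >= 3]
    return parts


def check_password(pw: str, username: str, full_name: str, min_len: int = 8) -> list[str]:
    """Return the policy rules the candidate violates (empty list = accepted)."""
    failures = []
    if len(pw) < min_len:
        failures.append(f"shorter than {min_len} characters")
    if character_classes(pw) < 3:
        failures.append("fewer than three character classes")
    lowered = pw.lower()
    hits = [p for p in name_parts(username, full_name) if p and p in lowered]
    if hits:
        failures.append("contains account or full-name part: " + ", ".join(hits))
    return failures


# Constructed sample accounts and candidate passwords; not data from the list.
SAMPLES = [
    ("emann", "Evan Mann", "12345678"),   # all digits
    ("emann", "Evan Mann", "password"),   # all lowercase letters
    ("emann", "Evan Mann", "Mann2001!"),  # complex, but contains a name part
    ("emann", "Evan Mann", "Tr0ub4dor&"), # accepted
    ("hc", "H C", "Ab1!"),                # complex, but too short
]


def audit(samples=SAMPLES) -> dict[str, list[str]]:
    """Map each candidate password to the rules it breaks."""
    return {pw: check_password(pw, user, name) for user, name, pw in samples}


if __name__ == "__main__":
    for pw, why in audit().items():
        print(f"{pw!r:14} {'OK' if not why else '; '.join(why)}")
```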