RE: [despammed] Defeating password cracking
From: dave (dave@netmedic.net)
Date: 02/20/03
- Previous message: Jens Mickerts: "AW: Restricting CmdExec Rights to Sysadmin"
- In reply to: Levinson, Karl: "RE: [despammed] Defeating password cracking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "dave" <dave@netmedic.net> To: "'Levinson, Karl'" <LevinsonK@STARS-SMI.com>, <focus-ms@securityfocus.com> Date: Wed, 19 Feb 2003 19:18:28 -0500
Karl,
[snip]
If you haven't yet, I would want to test any new accounts and passwords that
you create to confirm whether you can use them in Recovery Console mode or
Directory Services Restore mode. My guess is if the character doesn't work
in L0phtcrack or a SAM-cracking utility, they very well might not work in
these modes... and that could leave you with a irreparable server when a
server disaster strikes.
[snip]
I have tested it with Recovery Console and yes it does work with the special
characters. I have not yet had the opportunity to test Directory Services
Restore. As soon as I do I will post my results.
So far I have tested this for use with the local system accounts, since that
is what the password recovery boot disks are usually used for. I will
experiment with it over network situations and application/exchange server
environments.
_____________________
Dave Kleiman
dave@netmedic.net
www.netmedic.net
- Next message: ATarasul@SpencerStuart.com: "RE: Windows station permissions, remote control programs,lower priviledge accounts"
- Previous message: Jens Mickerts: "AW: Restricting CmdExec Rights to Sysadmin"
- In reply to: Levinson, Karl: "RE: [despammed] Defeating password cracking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
