RE: focus-ms@securityfocus.com
From: Fred Langston (Fred.Langston_at_guardent.com)
Date: 09/05/03
- Previous message: Dana Smith: "RE: Local Admins"
- Maybe in reply to: Kim Oppalfens: "RE: focus-ms@securityfocus.com"
- Next in thread: Sam Baskinger: "Re: focus-ms@securityfocus.com"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: 'Zachary Mutrux' <zmutrux@compumentor.org>, focus-ms@securityfocus.com
Date: Fri, 5 Sep 2003 16:11:27 -0400
These are encrypted using a one-way hash; hence, the encryption is
irreversible by definition.
Fred Langston, CISSP
Senior Principal Consultant
W: 206.903.8147 x223 F: 206.903.1862 M: 425.765.3330
Seattle, WA www.Guardent.com
________________________________________
G U A R D E N T
Enterprise Security and Privacy Programs
-----Original Message-----
From: Zachary Mutrux [mailto:zmutrux@compumentor.org]
Sent: Friday, September 05, 2003 10:31 AM
To: focus-ms@securityfocus.com
Subject: RE: focus-ms@securityfocus.com
Thank you, Brian.
> "irreversibly"?
So the credentials are encrypted and stored in the registry after you
successfully authenticate to a domain controller. Then when a domain
controller is not available, you submit your credentials again, they are
encrypted again, and they are compared with the encrypted copy that is
cached. If they match, you get in.
It does seem to me that anything that can be encrypted can be decrypted.
Especially if the same method results in two encrypted copies that can be
compared. Does anyone disagree?
Zac
> -----Original Message-----
> From: Perry, Brian [mailto:Brian.Perry@phns.com]
> Sent: Thursday, September 04, 2003 7:32 AM
> To: Paulo Wilbert; Kim Oppalfens; simonis@myself.com; fala83@libero.it
> Cc: focus-ms@securityfocus.com; todd@toddschubert.com
> Subject: RE: focus-ms@securityfocus.com
>
>
> If I may....Quoting MS Security Resource Kit... pg.79
>
> Cached Credentials
> "By default, Windows NT, Windows 2000, and Windows XP cache the
> credentials of domain accounts used to log on to the network at the
> local computer. The credentials include the user's name, password, and
> domain. Rather than storing the actual credential information, the
> information is stored in an irreversibly encrypted form and on the
> local computer."
>
> "irreversibly"?
>
> bp
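The flow Zac describes above (hash the credentials on a successful DC logon, re-hash and compare when no DC is reachable), as an added example that is not part of the original thread or of Windows' own cached-logon code; the domain/username salt, the PBKDF2-HMAC-SHA256 construction and the iteration count are assumptions of this model, not the real on-disk format.

```python
import hashlib
import hmac

# Constructed model of cached domain logons. A one-way function is used in
# both directions of the flow: nothing is "decrypted"; the stored digest is
# only ever compared against a freshly computed one, which works because
# the same input always yields the same digest, while no key exists to run
# the function backwards.
ITERATIONS = 100_000  # assumed work factor for this model


def one_way(domain: str, username: str, password: str) -> bytes:
    """Derive a fixed-size digest from the credential triple.

    Domain and user name act as the salt, so two accounts sharing a password
    do not share a stored value. PBKDF2 is a one-way construction.
    """
    salt = f"{domain.lower()}\\{username.lower()}".encode("utf-16-le")
    secret = password.encode("utf-16-le")
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS, dklen=32)


class CredentialCache:
    """Per-machine cache populated only by logons a DC actually accepted."""

    def __init__(self) -> None:
        self._entries: dict[tuple[str, str], bytes] = {}

    def record_dc_logon(self, domain, username, password, dc_accepted: bool) -> bool:
        """Called after the DC answers; failed logons are never cached."""
        if not dc_accepted:
            return False
        self._entries[(domain.lower(), username.lower())] = one_way(domain, username, password)
        return True

    def verify_offline(self, domain, username, password) -> bool:
        """DC unreachable: re-derive the digest and compare in constant time."""
        stored = self._entries.get((domain.lower(), username.lower()))
        if stored is None:
            return False
        return hmac.compare_digest(stored, one_way(domain, username, password))

    def stored_digest(self, domain, username):
        """Expose the cached value; it is a digest, not a recoverable secret."""
        return self._entries.get((domain.lower(), username.lower()))
```

Because verification only needs equality of digests, the cache never has to hold anything reversible; the defender's concern shifts to how hard the digest is to brute-force, which is what the salt and the work factor control.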
---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security
Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------