Relative Security Provided by Cached Domain Credentials?

From: Zack Schiel (ZSchiel_at_blueandco.com)
Date: 05/07/04

  • Next message: Sergey V. Gordeychik: "RE: Restricting the change of the local administrator account password."
    Date: Fri, 7 May 2004 08:05:36 -0500
    To: <focus-ms@securityfocus.com>
    
    

    First post from a relatively new subscriber to this list, so forgive me if this has been discussed previously...
     
    On a related note to part of the discussion in the 'Restricting change of local admin' thread, does anyone know of a non-brute force way to break the encryption on cached domain credentials?  Local accounts are easily modified or reset, but I'm not aware of any similar exploits for cached domain credentials.  Given that EFS' effectiveness to secure laptop-stored data in a domain environment lives and dies by the security of the cached credentials, I'm curious to know just *how much* more secure they are.
     
    -Zack-

     

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Sergey V. Gordeychik: "RE: Restricting the change of the local administrator account password."