Relative Security Provided by Cached Domain Credentials?

• Previous message: Sergey V. Gordeychik: "RE: IE questions"
• Next in thread: Joshua Feek: "Re: Relative Security Provided by Cached Domain Credentials?"
• Reply: Joshua Feek: "Re: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Zack Schiel: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Sergey V. Gordeychik: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kim Oppalfens: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Langston, Fred: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kim Oppalfens: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Sergey V. Gordeychik: "RE: Relative Security Provided by Cached Domain Credentials?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 7 May 2004 08:05:36 -0500
To: <focus-ms@securityfocus.com>

First post from a relatively new subscriber to this list, so forgive me if this has been discussed previously...
 
On a related note to part of the discussion in the 'Restricting change of local admin' thread, does anyone know of a non-brute force way to break the encryption on cached domain credentials?  Local accounts are easily modified or reset, but I'm not aware of any similar exploits for cached domain credentials.  Given that EFS' effectiveness to secure laptop-stored data in a domain environment lives and dies by the security of the cached credentials, I'm curious to know just *how much* more secure they are.
 
-Zack-

---------------------------------------------------------------------------
---------------------------------------------------------------------------

• Previous message: Sergey V. Gordeychik: "RE: IE questions"
• Next in thread: Joshua Feek: "Re: Relative Security Provided by Cached Domain Credentials?"
• Reply: Joshua Feek: "Re: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Zack Schiel: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Sergey V. Gordeychik: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kim Oppalfens: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Langston, Fred: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kim Oppalfens: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
• Maybe reply: Sergey V. Gordeychik: "RE: Relative Security Provided by Cached Domain Credentials?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]