Re: pwdump 2 & 3
From: Chris Buechler (cbuechler_at_gmail.com)
Date: 12/17/04
- Previous message: Clement Dupuis: "RE: Volunteer pen testing"
- In reply to: miguel.dilaj_at_pharma.novartis.com: "Re: pwdump 2 & 3"
- Next in thread: Barrie Dempster: "Re: pwdump 2 & 3"
- Reply: Barrie Dempster: "Re: pwdump 2 & 3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Dec 2004 18:22:02 -0500 To: "miguel.dilaj@pharma.novartis.com" <miguel.dilaj@pharma.novartis.com>
On Thu, 16 Dec 2004 10:39:17 +0100, miguel.dilaj@pharma.novartis.com
<miguel.dilaj@pharma.novartis.com> wrote:
>
> Take into account that the caching can be (and should be? ;-) disabled
> with the following registry key:
> HKLM\SOFTWARE\MICROSOFT\WINDOWS
> NT\CURRENTVERSION\WINLOGON\CACHEDLOGONSCOUNT (change it to 1 to disable
> the caching)
Also, FYI, you can set this domain-wide in group policy if you have
Active Directory. Under Computer Configuration, Windows Settings,
Local Policies, Security Options. "Interactive logon: Number of
previous logons to cache (in case domain controller is not available)"
Keep in mind if you disable this completely on laptops, users won't be
able to log into their domain account when disconnected from the
network. You could maintain local user accounts for field use, but
that would create a support nightmare. Depends on your environment,
your policies, and the level of risk.
-Chris
- Previous message: Clement Dupuis: "RE: Volunteer pen testing"
- In reply to: miguel.dilaj_at_pharma.novartis.com: "Re: pwdump 2 & 3"
- Next in thread: Barrie Dempster: "Re: pwdump 2 & 3"
- Reply: Barrie Dempster: "Re: pwdump 2 & 3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
