NT4, IPC$, and password hashes

From: RUSSELL T. LEWIS (RUSSELL_T._LEWIS@spectralresponse.com)
Date: 07/25/02


From: "RUSSELL T. LEWIS" <RUSSELL_T._LEWIS@spectralresponse.com>
To: security-basics@securityfocus.com
Date: Thu, 25 Jul 2002 15:16:45 -0400

I've got an NT 4 SP6a Workstation that I'm hardening and I've patched it all the
way with HFNETCHK, and done ton of registry hacks, turned off services, etc.
However, if I type \\COMPUTERNAME on my network I can get a IPC$ and LoftCrack3
can extract the password hash, which I've already cracked the lanman hash. The
crack DID take forever (17days 5hrs 27min) on a p4 2.53GHz over clocked to 2.75
GHz, but I don't like the fact that the hash can be obtained.

How do I prevent LC3, or anyone from getting the password hash?
I did a few registry entries that were supposed to restrict remote registry, but
it seems that didn't work, or isn't enough.
Thanks for any help!
-Russell



Relevant Pages

  • RE: NT4, IPC$, and password hashes
    ... // How do I prevent LC3, or anyone from getting the password hash? ... // I did a few registry entries that were supposed to restrict ... did you set 'enumerate shares' to restrict anon? ... Did you also try to get the C$, ADMIN$, IPC$, LPT$ through 'net use'? ...
    (Security-Basics)
  • RE: NT4, IPC$, and password hashes
    ... NT4, IPC$, and password hashes ... way with HFNETCHK, and done ton of registry hacks, turned off services, etc. ... or anyone from getting the password hash? ...
    (Security-Basics)
  • RE: NT4, IPC$, and password hashes
    ... It is my understanding that NTLM is not GRAS, ... NT4, IPC$, and password hashes ... way with HFNETCHK, and done ton of registry hacks, turned off services, etc. ... or anyone from getting the password hash? ...
    (Security-Basics)
  • Re: Article: Introducing the Dell De-Crapifier┼á
    ... comes pre-loaded with a ton of garbage software that brings your new machine ... loads in the Run key in the registry and filling up the toolbar ... Along with that comes DVD player apps, media players, dvd ... burning software, nagware for ISP hosting services, and a host ...
    (comp.sys.mac.advocacy)
  • Re: remove build number
    ... Microsoft-MVP Windows® XP-Shell/User ... 2004 Windows MVP "Winny" Award ... its always safer to use a program instead of editing the registry. ... These are not "registry hacks". ...
    (microsoft.public.windowsxp.customize)