Re: User Accounts and Passwords question....

From: Karl Levinson [x y] mvp (jamescagney90210@excite.com)
Date: 12/28/02


From: "Karl Levinson [x y] mvp" <jamescagney90210@excite.com>
Date: Sat, 28 Dec 2002 13:57:48 -0500


I'm not sure how much I would worry about this. If you are a company or
this is an important production server, I would secure it thoroughly and
completely using all the tricks and checklists you can find. One or more of
the hardening checklists at the site below will mention how to change the LM
hash level. In Windows 2000 you can do this by launching gpedit.msc

http://securityadmin.info/faq.htm#harden

"Martin" <Martin@nospam.bot> wrote in message
news:031301c2ae9c$26cdd4f0$89f82ecf@TK2MSFTNGXA01...
> Hi Karl,
>
> That's an excellent answer, after I posted this question I
> was looking through the Microsoft site and found exactly
> that which you are referring to. The adsutil vbs and the
> changing of the passwords...
>
> "[although if you haven't taken
> steps to change/remove LM hashes in the SAM and in
> authentication across the
> network, long passwords are broken up into 7 character
> long segments which
> can be cracked by l0phtcrack and other crackers]."
>
> Can you explain a bit more about this????? How do I remove
> these LM hashes???
>
> Regards,
> M

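A read-only check of the LM settings discussed in this thread, as an added example that is not part of the original posts. The registry names are not given in the thread; they are the standard Windows locations (LmCompatibilityLevel and NoLMHash under HKLM\SYSTEM\CurrentControlSet\Control\Lsa), and the function name Get-LmAudit is hypothetical.

```powershell
# Added example: report the LM authentication level and LM hash storage setting.
# Reads the registry only; changes nothing.
function Get-LmAudit {
    param([string]$LsaPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa')

    $props = Get-ItemProperty -Path $LsaPath -ErrorAction Stop

    # LmCompatibilityLevel is a DWORD from 0 to 5; if absent, the OS default applies.
    $level = $props.LmCompatibilityLevel
    $meaning = @{
        0 = 'Send LM & NTLM responses'
        1 = 'Send LM & NTLM - use NTLMv2 session security if negotiated'
        2 = 'Send NTLM response only'
        3 = 'Send NTLMv2 response only'
        4 = 'Send NTLMv2 response only. Refuse LM'
        5 = 'Send NTLMv2 response only. Refuse LM & NTLM'
    }
    if ($null -eq $level) {
        $levelText = 'not set (OS default applies)'
    } elseif ($meaning.ContainsKey([int]$level)) {
        $levelText = $meaning[[int]$level]
    } else {
        $levelText = "unexpected value $level"
    }

    # NoLMHash is a DWORD value (1) on Windows XP / Server 2003 and later,
    # and a subkey of Lsa on Windows 2000 SP2 and later. Check both forms.
    $noLmValue = ($props.NoLMHash -eq 1)
    $noLmKey   = Test-Path -Path (Join-Path $LsaPath 'NoLMHash')

    $findings = @()
    if ($null -ne $level -and $level -le 1) {
        $findings += 'LM responses are sent during network authentication'
    }
    if (-not ($noLmValue -or $noLmKey)) {
        $findings += 'NoLMHash is not set: LM hash storage is not disabled by this setting'
    }

    [pscustomobject]@{
        LmCompatibilityLevel = $level
        LevelMeaning         = $levelText
        NoLMHashSet          = ($noLmValue -or $noLmKey)
        Findings             = $findings
    }
}

Get-LmAudit | Format-List
```

Once NoLMHash is set, an existing LM hash remains in the SAM until that account's password is next changed.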

