Re: Offline NT Password & Registry Editor

From: Steven L Umbach (sumbach_at_ameritech.net)
Date: 07/23/03
Date: Wed, 23 Jul 2003 14:10:52 GMT

Also see number three. --- Steve

Ten Immutable Laws of Security

By Scott Culp October 2000
Microsoft Security Response Center

Law 1
If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.

Law 2
If a bad guy can alter the operating system on your computer, it's not your computer anymore.

Law 3
If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.

Law 4
If you allow a bad guy to upload programs to your web site, it's not your web site any more.

Law 5
Weak passwords trump strong security.

Law 6
A machine is only as secure as the administrator is trustworthy.

Law 7
Encrypted data is only as secure as the decryption key.

Law 8
An out of date virus scanner is only marginally better than no virus scanner at all.

Law 9
Absolute anonymity isn't practical, in real life or on the web.

Law 10
Technology is not a panacea.

"Steven L Umbach" <sumbach@ameritech.net> wrote in message
news:8xwTa.24541$BM.7786474@newssrv26.news.prodigy.com...
> I agree. Renaming the sam account has been used for years - this is
> nothing new. Even if the password could not be reset, a user with access
> could install the hard drive into another computer or install a parallel
> operating system to access files. Resetting a local user account does not
> give access to domain resources in a properly configured network [no guest
> access/blank passwords allowed]. There are other ways to secure data
> including EFS file encryption. If disk has been scrubbed and all EFS private
> keys [users and recovery agent] have been exported/deleted, then the data is
> safe. --- Steve
>
> "Brendon Rogers" <brendon@nospam-itology.net> wrote in message
> news:OSj7N1QUDHA.1576@TK2MSFTNGP12.phx.gbl...
> > There is no security when a user has physical access to the machine
> > (obviously less of a problem for servers and a huge problem for desktops /
> > laptops). Prevent user-access or boot access to the floppy drive and
> > CD-ROM.
> >
> > This utility also can only modify the password of a local account on that
> > machine - ie stored in the local SAM. It cannot be used to reset a domain
> > password.
> >
> > Other utilities such as l0phtcrack have been able to pull NT passwords from
> > the SAM for years.
> >
> > "Tomas" <tomas.legat@sh.se> wrote in message
> > news:0a7501c350f9$ca476060$a301280a@phx.gbl...
> > > Hi!
> > >
> > > One of my co-workers came to me with this little nifty
> > > program, which can reset or change a password on a local
> > > account within minutes.
> > > My general wondering is, do Microsoft know about this, and
> > > are they doing something about it?
> > >
> > > If you want to check it out, here's the link to the page,
> > > and form your own opinion.
> > >
> > > http://home.eunet.no/~pnordahl/ntpasswd/
> > >
> > > I think Microsoft should address this pretty fast, since
> > > this program makes it virtually pointless to use, and come
> > > up with good passwords.
> > >
> > > Regards
> > > /Tomas
> >
> >
>
>
