Bugtraq mailing list archives
Re: LM hashes in a hot-desking environment
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Sat, 27 May 2006 14:27:04 +0400
Dear feedb4ck () z4ck org,

--Thursday, May 25, 2006, 5:46:43 PM, you wrote to bugtraq () securityfocus com:

fzo> Although it is a well known fact that Windows desktops and servers still
fzo> use LM Hashes and cache the last ten userids and passwords locally, just
fzo> in case an Active Directory, Domain, or NDS tree are not available, has
fzo> anyone thought about the consequences of this issue in a hot-desking, or
fzo> flexible working environment?

Windows doesn't cache passwords. If I remember correctly, the cached value is actually MD5 from NT key and can not be used directly. LM hashes can be disabled through group policy, see http://support.microsoft.com/?kbid=299656. Local SAM doesn't store domain accounts.

fzo> Now, I know what everyone is saying, wait a minute, for PWDUMP to work you
fzo> need to be administrator to the local machine. But think again, how
fzo> often is this the case? Many companies only look to restrict network
fzo> access - as restricting local access may cause issues with applications
fzo> which need to access the local drive.

If your users on shared hosts work with local administrator privileges - you have no security at all. Forget about PWDUMP, it's too hard. Think about trojans and keyloggers a user can install to obtain the credentials of a different user. Even more: if you have a shared computer and you have no physical security, everyone can install a hardware keylogger.

Your problem is you have a strange approach to security. A good approach is: What should I protect?

--
~/ZARAZA
http://www.security.nnov.ru/
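The checks this reply points to, as an added example that is not part of the original post: whether LM hash storage is disabled (the NoLMHash value that the group policy sets), how many domain logons the host caches, and who holds local administrator rights on the shared machine. The function name is hypothetical; the registry values and the well-known Administrators SID are standard Windows ones that the message itself does not name.

```powershell
# Added example: audit a shared Windows host for the settings discussed above.
# Function name is hypothetical; requires PowerShell 5.1+ for Get-LocalGroupMember.
function Get-SharedHostCredentialExposure {
    [CmdletBinding()]
    param()

    $lsaKey      = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $winlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

    # NoLMHash = 1 means no LM hash is stored at the next password change.
    # Assumption: a missing value is reported as "not disabled".
    $lsa = Get-ItemProperty -Path $lsaKey -Name NoLMHash -ErrorAction SilentlyContinue
    $lmDisabled = ($null -ne $lsa) -and ($lsa.NoLMHash -eq 1)

    # CachedLogonsCount (REG_SZ) is the number of cached domain logon
    # verifiers kept for offline logon; $null here means the value is absent.
    $wl = Get-ItemProperty -Path $winlogonKey -Name CachedLogonsCount -ErrorAction SilentlyContinue
    $cachedLogons = if ($null -ne $wl) { [int]$wl.CachedLogonsCount } else { $null }

    # Local Administrators by well-known SID, so localized group names work.
    $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue)

    # Anything other than the built-in Administrator (RID 500) and
    # Domain Admins (RID 512) is worth reviewing on a shared desk.
    $review = @($admins | Where-Object { $_.SID.Value -notmatch '-(500|512)$' })

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        LmHashStorageOff  = $lmDisabled
        CachedLogonsCount = $cachedLogons
        LocalAdminCount   = $admins.Count
        AdminsToReview    = $review | ForEach-Object {
            "$($_.Name) [$($_.ObjectClass), $($_.PrincipalSource)]"
        }
    }
}

Get-SharedHostCredentialExposure | Format-List
```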