Penetration Testing mailing list archives
Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords"
From: Rogan Dawes <discard () dawes za net>
Date: Wed, 12 Oct 2005 08:23:09 +0200
[The original poster seemed to be concerned about the laptop being stolen]
As I said, by using SYSKEY with a password-on-boot, I was hoping to protect the cache entries stored on the laptops. Without the SYSKEY password, the machine won't boot, so an attacker could not dump the cache (CacheDump) or get access to the LSA (LSADump2). I also assume that booting with another OS would not give the attacker access to the EFS files because AES is pretty strong, the cache entries are encrypted with a secret (NL$KM) which is stored in the LSA and the LSA is not accessible because the system key is password protected by a password which is not stored locally anymore. I don't assume my reasoning is foolproof, I just want to make sure deploying SYSKEY with a password-on-boot will render our laptops harder to penetrate.
Have you thought about implementing a BIOS password on the hard drive?Granted, there is no mechanism for locking out passwords, but I don't think that there are too many BIOS's that would allow you to automate a brute force attack . . . .
As far as I know, there is no method to override the hard drive password once it is set . . . (although maybe reformatting the whole disk might have some effect)
Regards, Rogan ------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Thor (Hammer of God) (Oct 01)
- Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Thor (Hammer of God) (Oct 01)
- <Possible follow-ups>
- RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Marco Ivaldi (Oct 11)
- Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Rogan Dawes (Oct 12)
- RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Miguel Dilaj (Oct 15)