From: Scott Ramsdell (Scott.Ramsdell@cellnet.com)
Date: Wed Oct 25 2006 - 09:44:54 EDT
A safe way would be to grab the SAM from a backup.
-Scott Ramsdell
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of xelerated
Sent: Monday, October 23, 2006 7:01 AM
To: pen-test@securityfocus.com
Subject: Password audits
I have been given the task of doing a password audit.
No problem, except I can use pwdump for the slight risk of
having to reboot a DC.
I know there are many ways to get a pw dump from a DC but my question is
this.
What is the safest way to get that, so that you dont risk having a DC
need to reboot
or have to install software on the DC?
In the past I have used pwdump, different versions, and usually i
didnt have to reboot the box, but there was that rare occasion that
that it made lsass puke and had to be rebooted.
Thanks in advance for your input.
Chris
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:14 EDT