Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords"

From: Rogan Dawes (discard@dawes.za.net)
Date: Wed Oct 12 2005 - 02:23:09 EDT

• Next message: John Doe: "Re: Oracle 11i nmap scan results"
• Previous message: Syv Ritch: "Re: Port Scanner Reports"
• In reply to: Marco Ivaldi: "RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords""
• Next in thread: Miguel Dilaj: "RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

[The original poster seemed to be concerned about the laptop being stolen]

>>As I said, by using SYSKEY with a password-on-boot, I was hoping to
>>protect the cache entries stored on the laptops. Without the SYSKEY
>>password, the machine won't boot, so an attacker could not dump the
>>cache (CacheDump) or get access to the LSA (LSADump2). I also assume
>>that booting with another OS would not give the attacker access to the
>>EFS files because AES is pretty strong, the cache entries are encrypted
>>with a secret (NL$KM) which is stored in the LSA and the LSA is not
>>accessible because the system key is password protected by a password
>>which is not stored locally anymore. I don't assume my reasoning is
>>foolproof, I just want to make sure deploying SYSKEY with a
>>password-on-boot will render our laptops harder to penetrate.
>

Have you thought about implementing a BIOS password on the hard drive?

Granted, there is no mechanism for locking out passwords, but I don't
think that there are too many BIOS's that would allow you to automate a
brute force attack . . . .

As far as I know, there is no method to override the hard drive password
once it is set . . . (although maybe reformatting the whole disk might
have some effect)

Regards,

Rogan

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: John Doe: "Re: Oracle 11i nmap scan results"
• Previous message: Syv Ritch: "Re: Port Scanner Reports"
• In reply to: Marco Ivaldi: "RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords""
• Next in thread: Miguel Dilaj: "RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:03 EDT