Re: Testing two bank laptops. winxp vpn client

From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Sun Feb 12 2006 - 13:34:32 EST

• Next message: Packet Man: "Re: Spyware assessment techniques - hub?"
• Previous message: Enrique A. Sanchez Montellano: "RE: pushing exploits through the Firewall"
• In reply to: Bob WIlliams: "Testing two bank laptops. winxp vpn client"
• Next in thread: Rony Romero: "Re: Testing two bank laptops. winxp vpn client"
• Reply: Rony Romero: "Re: Testing two bank laptops. winxp vpn client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Disable via reg hack:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters
(dword) DisableSavePassword=1

t

-----
"I don't want their respect, I want their obedience."
Dr. Thomas W. Shinder, M.D.

----- Original Message -----
From: "Bob WIlliams" <sopiaz57@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Sunday, February 12, 2006 9:33 AM
Subject: Testing two bank laptops. winxp vpn client

Hey All,

I have a client who wants two bank laptops tested. I want to do some
reasearch on a fix for a problem I know they are vulnerable too. They
use the WIN xp VPN client which saves the password, giving someone who
steals the laptop an easy way into the corporate network.

Does anyone know how I can disable this feature so employees cant save
the password?

Thanks in advance//

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Packet Man: "Re: Spyware assessment techniques - hub?"
• Previous message: Enrique A. Sanchez Montellano: "RE: pushing exploits through the Firewall"
• In reply to: Bob WIlliams: "Testing two bank laptops. winxp vpn client"
• Next in thread: Rony Romero: "Re: Testing two bank laptops. winxp vpn client"
• Reply: Rony Romero: "Re: Testing two bank laptops. winxp vpn client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:30 EDT