From: jeremiah (jeremiah@nur.net)
Date: Sun Feb 12 2006 - 14:42:40 EST
Disable cached credentials via a domain Group Policy Object. The best way
to do this is by creating a container group for the laptop machine accounts
in the domain.
Caveats? The user will have to login via a RAS connection. The other
alternative is two-factor auth, which will allow safe use of cached creds.
"To turn off cached credentials, use a Group Policy Object (GPO) to set the
number of cached credentials to zero. Users can still log on using local
user accounts, but in most environments, it's unusual for users to have
local user accounts on their clients. You might consider changing the cached
credential setting only for desktop computers, as laptop users may have a
legitimate need to log on when they can't contact a DC."
http://www.mcpmag.com/columns/print.asp?EditorialsID=658
More here:
http://www.windowsecurity.com/articles/Implementing-Troubleshooting-Account-
Lockout.html
http://www.windowsdevcenter.com/pub/a/windows/2004/05/18/ug_caching.html
http://www.windowsdevcenter.com/pub/a/windows/2004/05/18/ug_caching.html
> -----Original Message-----
> From: Bob WIlliams [mailto:sopiaz57@gmail.com]
> Sent: Sunday, February 12, 2006 9:34 AM
> To: pen-test@securityfocus.com
> Subject: Testing two bank laptops. winxp vpn client
>
> Hey All,
>
> I have a client who wants two bank laptops tested. I want to do some
> reasearch on a fix for a problem I know they are vulnerable too. They
> use the WIN xp VPN client which saves the password, giving someone who
> steals the laptop an easy way into the corporate network.
>
> Does anyone know how I can disable this feature so employees cant save
> the password?
>
> Thanks in advance//
>
> --------------------------------------------------------------------------
> ----
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------------
> -----
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:30 EDT