Re: Testing two bank laptops. winxp vpn client

From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Sun Feb 12 2006 - 21:48:55 EST

• Next message: Marco Ivaldi: "thc-pptp-bruter problem?"
• Previous message: Amit: "Re: Qualys"
• In reply to: jeremiah: "RE: Testing two bank laptops. winxp vpn client"
• Next in thread: lion nagar: "Re: Testing two bank laptops. winxp vpn client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Cached credentials are not the same thing as a saved password for VPN
connections. The number of cached creds to save in the LSA do not affect
the "Save Password" option for MS VPN clients at all.

See my earlier email for the reg hack to disable saving the password on an
RRAS connection.

t

-----
"I don't want their respect, I want their obedience."
Dr. Thomas W. Shinder, M.D.

----- Original Message -----
From: "jeremiah" <jeremiah@nur.net>
To: "'Bob WIlliams'" <sopiaz57@gmail.com>; <pen-test@securityfocus.com>
Sent: Sunday, February 12, 2006 11:42 AM
Subject: RE: Testing two bank laptops. winxp vpn client

> Disable cached credentials via a domain Group Policy Object. The best way
> to do this is by creating a container group for the laptop machine
> accounts
> in the domain.
>
> Caveats? The user will have to login via a RAS connection. The other
> alternative is two-factor auth, which will allow safe use of cached creds.
>
> "To turn off cached credentials, use a Group Policy Object (GPO) to set
> the
> number of cached credentials to zero. Users can still log on using local
> user accounts, but in most environments, it's unusual for users to have
> local user accounts on their clients. You might consider changing the
> cached
> credential setting only for desktop computers, as laptop users may have a
> legitimate need to log on when they can't contact a DC."
> http://www.mcpmag.com/columns/print.asp?EditorialsID=658
>
> More here:
> http://www.windowsecurity.com/articles/Implementing-Troubleshooting-Account-
> Lockout.html
>
> http://www.windowsdevcenter.com/pub/a/windows/2004/05/18/ug_caching.html
>
> http://www.windowsdevcenter.com/pub/a/windows/2004/05/18/ug_caching.html
>
>
>
>> -----Original Message-----
>> From: Bob WIlliams [mailto:sopiaz57@gmail.com]
>> Sent: Sunday, February 12, 2006 9:34 AM
>> To: pen-test@securityfocus.com
>> Subject: Testing two bank laptops. winxp vpn client
>>
>> Hey All,
>>
>> I have a client who wants two bank laptops tested. I want to do some
>> reasearch on a fix for a problem I know they are vulnerable too. They
>> use the WIN xp VPN client which saves the password, giving someone who
>> steals the laptop an easy way into the corporate network.
>>
>> Does anyone know how I can disable this feature so employees cant save
>> the password?
>>
>> Thanks in advance//
>>
>> --------------------------------------------------------------------------
>> ----
>> Audit your website security with Acunetix Web Vulnerability Scanner:
>>
>> Hackers are concentrating their efforts on attacking applications on your
>> website. Up to 75% of cyber attacks are launched on shopping carts,
>> forms,
>> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
>> are
>> futile against web application hacking. Check your website for
>> vulnerabilities
>> to SQL injection, Cross site scripting and other web attacks before
>> hackers do!
>> Download Trial at:
>>
>> http://www.securityfocus.com/sponsor/pen-test_050831
>> --------------------------------------------------------------------------
>> -----
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Marco Ivaldi: "thc-pptp-bruter problem?"
• Previous message: Amit: "Re: Qualys"
• In reply to: jeremiah: "RE: Testing two bank laptops. winxp vpn client"
• Next in thread: lion nagar: "Re: Testing two bank laptops. winxp vpn client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:30 EDT