preventing hacking of the sam in 2k

tweakman278 · Sep 18, 2002

im not sure if we can talk about this but im gonna ask anyway. i have heard, and done half of, that you can take a linux boot disc, boot a pc to it, copy the sam to the floppy and using some software you can brute force it to find the passwords in it. i was able to get to the folder where the sam is stored but i havent done the second part becuase i would rather not search for ilegal software. anyhow, it was incredibally easy to do and i was wondering if there is a way to hinder this? sure you can password protect the bios and dont let it boot from the floppy but if you slip the case of and reset the bios your right into it. this has been a growing concern as i have been asked to set up several 2k networks. again my appologies if this post isnt "legal"

turd · Sep 18, 2002

There are several ways to dump the sam and a few ways to protect. I would hope that this comes under security and not hacking. Here is a link that goes into protecting your hashes.

Pretty much standard stuff, encryptyon.

http://www.winnetmag.com/Articles/Index.cfm?ArticleID=3844&pg=2

tweakman278 · Sep 18, 2002

the sam is encrypted already right?

turd · Sep 18, 2002

Here check this out it goes into it.

http://rr.sans.org/authentic/improve.php

parkan · Sep 19, 2002

Heh, I really wouldn't call it illegal (since it's not). Brute force tools such as the infamous john are far from "illegal" as far as I know. There is nothing inherintly bad about a program that rapidly encrypts strings and compares them to the actual hashed password.
Back to the topic, win2k passes are quite easy to access and there in a number of (legal and commercial) tools that are used just for what you are describing. The only fail-safe way of protecting your passess that I can think of on a windoze box, is disabling cd/floppy boots, locking down the case and putting a sensor on the lock and conencting that to the motherboard's intrusion detection system.

parkan · Sep 19, 2002

tweakman278 said:
the sam is encrypted already right?

Don't worry, windows is not that insecure

R3V3L4710N · Oct 11, 2002

parkan said:
Don't worry, windows is not that insecure

Yes it is!
The login passwords can be by-passed in about five seconds for example. (i wont say how cuz i dont wanna teach ppl 2 hak)
Windoze security sux!

Wedo · Oct 11, 2002

The ONLY way you can prevent this is to put your computer in a large safe, lock it, put a chain around the safe, and throw it in the ocean.

I had to use a Linux hack on a W2K pro machine that we bought which was supposed to have the admin pass removed. Well, it wasn't. Took me less than five minutes to get full access to the machine.

If you don't have physical security, you don't have security.

Wedo

tweakman278 · Oct 11, 2002

get this, my school system is "investigating a windows 2000 network as "secure solution" for their teacher networks"- currently mac. when i heard that i cracked up laughing ...and so did the technician i was talking too.
is xp any better than 2k? wat about this whole .net server thing? i really like the config options of 2k but the security is a joke.

preventing hacking of the sam in 2k

tweakman278

Member

turd

Member

tweakman278

Member

turd

Member

parkan

Member

parkan

Member

R3V3L4710N

Registered

Wedo

Senior Kitty Power!

tweakman278

Member

Similar threads