Home page logo
/

basics logo Security Basics mailing list archives

RE: Cached Password concern
From: "Blake Wiedman [Icons]" <bwiedman () iconsinc com>
Date: Mon, 1 Dec 2003 12:47:50 -0500

Syskey is able to be broken. Perform a search on SAMInside.

Blake Wiedman
Icons Inc.
Security Technician
(732) 821-9100 x103


-----Original Message-----
From: sunny budd [mailto:sunnybudd () hotmail com] 
Sent: Monday, December 01, 2003 5:56 AM
To: security-basics () securityfocus com
Subject: Cached Password concern

Hi all

I am working on a laptop users security policy and I have a concern
about 
cached domain user credentials in Windows 2000 SP4 as We use our domain 
admin password to logon to laptops while they are being built.  I would
like 
to recommend against this practice but need some information on how easy
it 
is to extract this stuff from a stolen laptop.  I have heard that these 
passwords are protected by "syskey" and are impossible to extract.  Is
this 
true or does anyone know how to get at these passwords?

Thanks,
S

_________________________________________________________________
Find a cheaper internet access deal - choose one to suit you. 
http://www.msn.co.uk/internetaccess


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]