OSEC

 
From: Amoediun Trepcoze (amoediunmailandnews.com)
Date: Thu Dec 20 2001 - 07:55:13 CST


    At 12:23 PM 19/12/01 -0800, you wrote:
    >
    >> So now that I see for my own eyes what a joke it
    >> would be to get into my
    >> network with a simple SAM dump, what advice do you
    >> offer for fixing these
    >> problems?
    >
    >I see what you mean, particularly if your (or any
    >other administrator) password is included in that
    >first batch of 75%. After all, isn't admin access
    >required to dump the SAM?
    >

    You can get the SAM file with a bootup disk with ntfsdos.exe on it.

    To make it harder for people to get the SAM file,
    do the following:

    1. make sure no-one can boot off a floppy
    2. make sure no-one can boot off a CD
    3. make sure to reset the BIOS (no access to DOS through multi-boot etc.)

    To make it harder for people to crack the SAM file:

    1. limit the number of hashes stored in the SAM to 1 hash
    2. make passwords more than 12 chars minimum for all users
    3. have letters, numbers and special chars in the password
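The second list above can be audited from the machine itself. The following is an added example, not code from the original post or its author: it reads the "one hash only" point as disabling LM-hash storage via the `NoLMHash` value under the LSA registry key (the SAM keeps both an LM and an NT hash unless that value is set), and checks the local minimum password length and complexity settings with `secedit` and `net accounts`. It assumes a Windows build with that registry value and those tools (Windows 2000 SP2 / XP or later), local administrator rights, and PowerShell; the output file path is a constructed placeholder.

```powershell
# Added audit script (not from the original post). Assumes local admin rights.
# 1. "Only one hash in the SAM": check whether LM hash storage is disabled.
$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$noLmHash = (Get-ItemProperty -Path $lsaKey -Name NoLMHash -ErrorAction SilentlyContinue).NoLMHash

if ($noLmHash -eq 1) {
    Write-Output 'NoLMHash=1: only the NT hash is stored for new passwords'
} else {
    Write-Output 'NoLMHash is unset or 0: the weaker LM hash is still stored alongside the NT hash'
    Write-Output 'Remediate with: Set-ItemProperty -Path $lsaKey -Name NoLMHash -Value 1 -Type DWord'
    # The LM hash already in the SAM is only dropped when each user next changes their password,
    # so a forced password change should follow the registry change.
}

# 2./3. Minimum length and complexity: export the local security policy and pull the two settings.
$cfg = Join-Path $env:TEMP 'local-secpol-export.inf'   # constructed placeholder path
secedit /export /cfg $cfg | Out-Null
Get-Content $cfg | Select-String -Pattern '^(MinimumPasswordLength|PasswordComplexity)'
Remove-Item $cfg -ErrorAction SilentlyContinue

# Equivalent view from the classic tool; the post asks for more than 12 characters,
# which would be enforced with e.g.  net accounts /minpwlen:13
net accounts
```

`PasswordComplexity = 1` in the exported policy is the setting that requires the mix of letters, digits and special characters from point 3; `MinimumPasswordLength` is the value point 2 asks to raise. Run the script again after remediation to confirm the three settings changed.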