Security Basics mailing list archives

RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start

From: "Depp, Dennis M." <deppdm () ornl gov>
Date: Fri, 19 Sep 2003 13:03:12 -0400

It can be argued very effectively that no machine is "safe" unless it is
physically secure.  This is not a Windows problem, but a computer
problem in general.  With a SUN machine, it is easy to boot from a CD
and reset the Root password.  If I remove the CD drive, it is not
difficult to add a new CD drive.  

Dennis

-----Original Message-----
From: Jimi Thompson [mailto:jimit () myrealbox com] 
Sent: Thursday, September 18, 2003 11:07 PM
To: Damon McMahon; security-basics () securityfocus com
Subject: Re: Windows Server 2003 - Not secure from my test but OSX from
Mac is secure from the start

<SNIP>


There are so many tools out there that can reset the Administrator 
account with console access to Windows that _no_ Windows machine is 
safe if it is not physically secure.

</SNIP>

A prime example of this can be observed by booting a Windows XP 
machine off a Windows 2000 CD.  Windows 2000 "assumes" that the SAM 
is corrupt and allows you to fire up the recovery console to pull off 
just about anything you want including stuff off the encrypted 
partitions.

Another example of this are the Linux boot floppy utilities that 
actually 1-  reset the Admin password to the one of your choice  2- 
allow you to select one or 3 - allow you to dissect and decrypt the 
SAM. This is why so many of the remote management "disk-less floppy" 
utilities make me nervous.  Now I can use "password recovery" 
utilities over the wire.

Just what I needed - SOMETHING ELSE to worry about......

Thanks,

Jimi




------------------------------------------------------------------------
---
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Damon McMahon (Sep 17)
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Jimi Thompson (Sep 19)
  - Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Ansgar -59cobalt- Wiechers (Sep 22)
    - Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Jimi Thompson (Sep 29)
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Zachary Mutrux (Sep 22)
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Zachary Mutrux (Sep 22)
  - Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Robert Reidenbach (Sep 23)
- <Possible follow-ups>
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Nero, Nick (Sep 17)
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Depp, Dennis M. (Sep 19)
  - Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Chris Ditri (Sep 19)