Security Basics mailing list archives
Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start
From: Jimi Thompson <jimit () myrealbox com>
Date: Fri, 26 Sep 2003 23:23:34 -0500
My point was that with the new "diskless utilities" that I can now boot the machine off my password change utility OVER THE WIRE. Physical access is no longer a requirement.
Jimi At 3:07 AM +0200 9/20/03, Ansgar -59cobalt- Wiechers wrote:
On 2003-09-18 Jimi Thompson wrote:There are so many tools out there that can reset the Administrator account with console access to Windows that _no_ Windows machine is safe if it is not physically secure.A prime example of this can be observed by booting a Windows XP machine off a Windows 2000 CD. Windows 2000 "assumes" that the SAM is corrupt and allows you to fire up the recovery console to pull off just about anything you want including stuff off the encrypted partitions.What else should it do, if it can't read the SAM? Deny access? That would render the recovery console useless in case of an actually corrupted SAM.Another example of this are the Linux boot floppy utilities that actually 1- reset the Admin password to the one of your choice 2- allow you to select one or 3 - allow you to dissect and decrypt the SAM. This is why so many of the remote management "disk-less floppy" utilities make me nervous. Now I can use "password recovery" utilities over the wire. Just what I needed - SOMETHING ELSE to worry about......With someone having physical access to the machine there is absolutely *no* difference of any significance between Windows, Linux or OS X. You don't have a point. Regards Ansgar Wiechers --------------------------------------------------------------------------- ----------------------------------------------------------------------------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Damon McMahon (Sep 17)
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Jimi Thompson (Sep 19)
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Ansgar -59cobalt- Wiechers (Sep 22)
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Jimi Thompson (Sep 29)
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Ansgar -59cobalt- Wiechers (Sep 22)
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Zachary Mutrux (Sep 22)
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Zachary Mutrux (Sep 22)
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Robert Reidenbach (Sep 23)
- <Possible follow-ups>
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Nero, Nick (Sep 17)
- RE: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Depp, Dennis M. (Sep 19)
- Re: Windows Server 2003 - Not secure from my test but OSX from Mac is secure from the start Jimi Thompson (Sep 19)