Penetration Testing mailing list archives

Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords"

From: Rogan Dawes <discard () dawes za net>
Date: Wed, 12 Oct 2005 08:23:09 +0200

[The original poster seemed to be concerned about the laptop being stolen]

As I said, by using SYSKEY with a password-on-boot, I was hoping to
protect the cache entries stored on the laptops.  Without the SYSKEY
password, the machine won't boot, so an attacker could not dump the
cache (CacheDump) or get access to the LSA (LSADump2).  I also assume
that booting with another OS would not give the attacker access to the
EFS files because AES is pretty strong, the cache entries are encrypted
with a secret (NL$KM) which is stored in the LSA and the LSA is not
accessible because the system key is password protected by a password
which is not stored locally anymore.  I don't assume my reasoning is
foolproof, I just want to make sure deploying SYSKEY with a
password-on-boot will render our laptops harder to penetrate.


Have you thought about implementing a BIOS password on the hard drive?

Granted, there is no mechanism for locking out passwords, but I don'tthink that there are too many BIOS's that would allow you to automate abrute force attack . . . .

As far as I know, there is no method to override the hard drive passwordonce it is set . . . (although maybe reformatting the whole disk mighthave some effect)


Regards,

Rogan

------------------------------------------------------------------------------

Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on yourwebsite. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down servers arefutile against web application hacking. Check your website for vulnerabilitiesto SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at:


http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Thor (Hammer of God) (Oct 01)
- Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Thor (Hammer of God) (Oct 01)
- <Possible follow-ups>
- RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Marco Ivaldi (Oct 11)
  - Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Rogan Dawes (Oct 12)
    - Re: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Chris Clymer (Oct 13)
- RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Miguel Dilaj (Oct 15)