Penetration Testing mailing list archives
RE: Password audits
From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 25 Oct 2006 09:43:26 -0400
-----Original Message----- Subject: Password audits
I know there are many ways to get a pw dump from a DC but my question is
this.
What is the safest way to get that, so that you dont risk having a DC need
to reboot or have to install > software on the DC? How about restoring the DC to another machine/vm (off the production network, of course) and doing the analysis on the clone? That way you can use whatever tool(s) you want and even take the machine offline and boot from other media if you need. PaulM ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Password audits xelerated (Oct 24)
- Re: Password audits pand0ra (Oct 24)
- Re: Password audits shaun (Oct 24)
- RE: Password audits Paul Melson (Oct 25)
- RE: Password audits Isaac Van Name (Oct 25)
- Re: Password audits Lanny Trager (Oct 26)
- <Possible follow-ups>
- RE: Password audits Scott Ramsdell (Oct 25)