Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
This group should mostly be dealing with how web applications enable networking security issues that are otherwise not there. Everything is being tunneled over port 80 now so what does that enable and how do we fix it? 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Windows 2000 Network passwords
Posted by: LexIcon
Date: December 13, 2007 01:22PM

At the school where I work some of the faculty and students have discovered the local Admin passwords. Recently the domain Admin password has been comprimised, so we changed that, and it was discovered once again, there is only one network admin account, how could they get that password, and what can be done to stop that.

There is approx. 500 computers running windows 2000, the password is not guessable, any help or insight would be appreciated.

Options: ReplyQuote
Re: Windows 2000 Network passwords
Posted by: Reiners
Date: December 13, 2007 02:44PM

insert live CD like Knoppix, copy the SAM/system/security file and bruteforce it at home.
you could disable booting from CD in BIOS and set a bios password, however this is not ultimatly save (hw bios reset).
and make sure you dont have a copy of the SAM file stored in C:/winnt/repair. However this needs to be done at every single computer, which sucks of course.

Options: ReplyQuote
Re: Windows 2000 Network passwords
Posted by: Nokia
Date: December 21, 2007 05:54PM

Quote

insert live CD like Knoppix, copy the SAM/system/security file and bruteforce it at home.

If this was how it was done then that would denote someone has physical access to a domain controller, or to a host that someone has logged onto with domain admin credentials - in either case the OP be pretty fooked if this is what has happened..

If you have changed the domain admin password and it was discovered in a short space of time, personally I would start looking for a key logger on any machine you login too with the domain admin password or have used the runas command on.

Options: ReplyQuote
Re: Windows 2000 Network passwords
Posted by: or51c
Date: December 26, 2007 08:25PM

Lots of different ways to get win2k network passes. The easiest way to secure you're systems would be to upgrade to another OS.

or51c

Options: ReplyQuote
Re: Windows 2000 Network passwords
Posted by: id
Date: December 27, 2007 01:14PM

keylogger, network sniffer, using the password somewhere else that has been compromised, thinking your password is non-guessable and it isn't, another account with admin privs... Too easy in an environment like that.

-id

Options: ReplyQuote
Re: Windows 2000 Network passwords
Posted by: thrill
Date: December 27, 2007 02:10PM

Quote

Lots of different ways to get win2k network passes. The easiest way to secure you're systems would be to upgrade to another OS.

But even upgrading to a different OS does not solve the problem of physical access to a machine.. if you have physical access even to an OpenBSD box you can still boot it into single user mode and change root password that way. Just ask id about such things.. ;)

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Windows 2000 Network passwords
Posted by: id
Date: December 28, 2007 02:38PM

You can, if you leave it in a default setup.

Console can be secured so single user still requires a password, and you can encrypt the volume so even physical access can be somewhat secure. However, if you are running a network any larger than your home one, your servers should be under tight physical control.

-id

Options: ReplyQuote
Re: Windows 2000 Network passwords
Posted by: unkn0wn_god
Date: February 01, 2008 11:41AM

if they have physical access they could have easily cracked the Admin account via Ophcrack Live CD (http://ophcrack.sourceforge.net/)

Options: ReplyQuote


Sorry, only registered users may post in this forum.