Here's another vote to add the Win NT/XP patch described here:
Cracking Cached Domain/Active Directory Passwords on Windows
XP/2000/2003
By Irongeek
Update:8/24/2005
http://www.irongeek.com/i.php?page=security/cachecrack
...Irongeek uses Debian as its model system, that is, he shows how to
apply the patch in Debian. Adding this patch would save much duplicated
effort by auditors.
Also, it's elegant to be able to use a Linux program to do this, (kind
of a "one up on them" thing), as well as responsible, since the more the
weaknesses of NT/XP are exposed the more public pressure there would be
to fix 'em, which would make the net as a whole better. Which might
indirectly reduce DOS attacks by "zombie armies" because there'd be
fewer computers susceptible to enslavement. Everybody benefits...
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
