> I, personally, have a tendency to SSH home during class
> to read up on email and such whenever it gets a little
> boring. There's also times when I 'su' while logged in
> remotely from school. I know I don't want anyone getting my
> root passwords.
>
You could use sudo for most things tha
IL PROTECTED]]
>> Sent: Wednesday, February 05, 2003 15:19
>> To: Kamran Muzaffer; Gedi; [EMAIL PROTECTED]
>> Subject: Re: Unwanted programs on Win2K
>>
>> Kamran Muzaffer wrote:
>> > Hi Gedi,
>> >
>> > I tried to _crack_ a .SAM file loca
>> Question: How can someone bypass restrictions in
> Win2k
>> to install software when he doesn?t have proper
>> privileges?
>
> A little paranoia is a good thing, but since you're a
> user, it really isn't your concern. After all, if
> your company has policies against such things as users
> in
your correct.
Jim
-Original Message-
From: H C [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 05, 2003 10:01 AM
To: [EMAIL PROTECTED]
Subject: RE: Unwanted programs on Win2K
Gedi,
For the sake of accuracy:
> However, the easiest is to crack the .SAM file.
"Easiest" is r
I recommend the book Hacking Windows 2000 Exposed (ISBN 0072192623) it is an
book that covers many vunerabilites on a Windows 2000 based computer.
Tim Donahue
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, February 01, 2003 6:38 PM
> To: [EM
You can never fully secure a machine locally unless
you remove all the drives, pad lock it up, put it in a
sealed room with motion sensors in there.
Cracking the SAM file will only give you passwords
locally. That is they will give you full access to the
machine but not the network.
This topic is
Kamran Muzaffer wrote:
> Hi Gedi,
>
> I tried to _crack_ a .SAM file located in c:\WINNT\repair with LC4,
> but it only shows Administrator and guest accounts and those are not
> the current passwords either. I think windows saves the initial copy
> of the password database there. That's the very r
Wait until a few in senior management get arrested. ;-)
(note: Check appendix of industrial espionage act)
Jim
Chris Berry wrote:
>
> >From: Harris Samuel W PORT <[EMAIL PROTECTED]>
> >I disagree. Security is everybody's problem. The user can be a big
> >help in notifying the IT department of
ind of job that nobody notices if you're doing it well.
People only take notice of their systems when they're not working.
-Original Message-
From: Mike Heitz [mailto:[EMAIL PROTECTED]]
Sent: 05 February 2003 02:57
To: Harris Samuel W PORT; H C; [EMAIL PROTECTED]
Subject: RE: U
hy.html
Fport and others:
http://www.foundstone.com/knowledge/intrusion_detection.html
Blues Port Scanner:
http://www.webattack.com/get/bluescan.shtml
Angry IP Scanner:
http://www.angryziber.com/ipscan/
-Original Message-
From: Simon Taplin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday
ogin" banner when they
log into Unix boxes? Or know the correct reporting procedures for
suspected intrusions? Or even the signs?
> -Original Message-
> From: H C [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 04, 2003 9:11 AM
> To: [EMAIL PROTECTED]
> Subject:
Gedi,
For the sake of accuracy:
> However, the easiest is to crack the .SAM file.
"Easiest" is relative. I'd go w/ the Linux bootdisk
and utility to change the password.
Also, there is no such thing as a ".SAM" file...it's
just "SAM".
> If your admins are usless you may be lucky and find
*hole* :)
-Regards,
-=Kamran
- Original Message -
From: "Gedi" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, February 04, 2003 10:42 PM
Subject: RE: Unwanted programs on Win2K
Hi Ahaly
There are many ways to do get the result you want.
However, the easiest is t
From: Harris Samuel W PORT <[EMAIL PROTECTED]>
I disagree. Security is everybody's problem. The user can be a big
help in notifying the IT department of things going on that might have
escaped their eyes. The more eyes, the better.
I agree, regular users are some of my best agents in making sure
PORT [mailto:[EMAIL PROTECTED]]
Sent: Tue 2/4/2003 3:54 PM
To: 'H C'; [EMAIL PROTECTED]
Cc:
Subject: RE: Unwanted programs on Win2K
I disagree. Security is everybody's problem. The user can be a big help in
no
Hello Ahaly
As an admin working in a uni enviroment, I have seen this before.
It depends on what the admins have set up. Some accounts may be Part of the
Power Users group which gives them rights to install for that user only.
Your's might be part of the more restricted Users group. Also, some pr
From: Gedi <[EMAIL PROTECTED]>
There are many ways to do get the result you want.
However, the easiest is to crack the .SAM file.
The .SAM file is locked under operating running
conditions. If your admins are usless you may be lucky
and find a backup copy in the repair folder
(c:\WINNT\repair)
Ha
pyard
Portsmouth , NH 03801
(207) 438-4779
-Original Message-
From: H C [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 04, 2003 9:11 AM
To: [EMAIL PROTECTED]
Subject: re: Unwanted programs on Win2K
> Question: How can someone bypass restrictions in
Win2k
> to install software when
Gedi
-Original Message-
From: Tim Donahue
[mailto:[EMAIL PROTECTED]]
Sent: 03 February 2003 19:09
To: '[EMAIL PROTECTED]'
Cc: [EMAIL PROTECTED]
Subject: RE: Unwanted programs on Win2K
I recommend the book Hacking Windows 2000 Exposed
(ISBN 0072192623) it is an
book that covers man
> Question: How can someone bypass restrictions in
Win2k
> to install software when he doesn?t have proper
> privileges?
Privilege escalation is pretty trivial these
days...assuming that the user doesn't already have
local admin privileges on the system. Not too long
ago, a worm used the privil
20 matches
Mail list logo
