Hacking network
One of the group security bods says he hacked into our systems' user accounts this weekend.
We know he asked one of the group guys for the Admin password.
That's fine, once you're in you can hack the password file.
He sent the XL file with the passwords in, which OK, I can do it. But I cannot think of a way you could get in without the Admin password.
All the updates are on the servers.
Help, I don't want this coont in again
20K+ Super Poster.
Joined: May 2003
Posts: 20,599
Likes: 0
From: Ramsgate, Kent Drives: E39 530D Touring
only reason he'd want the admin password is it makes it easier to get at the hashed passwords file.
you don't however NEED it, it just saves some aggro...
nothing you can do about it I'm afraid... if someone really wants to get it, they will (providing they can get physical access to the network)
there are things you can do to make it harder... but stopping it altogether is another matter... if there's something I really wanted to get at... I would
but if you make it tough, I wouldn't bother 99% of the time
best thing is to make your passwords NOT words found in the dictionary... use numbers AND letters (and not easy ones like replacing S with 5 etc.) make them as many characters as possible, and if at all possible include obscure characters...
a password like: dsf7as!90<3e would take WEEKS to crack... by which point you'd probably have given up trying to crack it... lol also if you change your passwords weekly... by the time they crack the password, it's changed
obviously getting normal users to do this is nigh on impossible coz all the daft coonts will forget them
but try and do it to your admin accounts
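An added example, not part of the original thread: a password screen that applies the advice in the post above (minimum length, letters plus digits plus symbols, and no dictionary words even when disguised with S-for-5 style substitutions). The wordlist, the 12-character minimum and the function names are assumptions made for illustration.

```python
import string

# Constructed sample wordlist; a real check would load a full dictionary
# and a breached-password list.
WORDLIST = {"password", "summer", "letmein", "secret", "admin", "welcome"}

# Undo common look-alike substitutions (the "S with 5" trick and friends).
# Each symbol maps to one letter only; this is a simplification.
LEET = str.maketrans({"5": "s", "$": "s", "0": "o", "1": "l", "!": "i",
                      "3": "e", "4": "a", "@": "a", "7": "t"})

MIN_LENGTH = 12  # assumption: the length of the example password in the post


def contains_dictionary_word(password):
    """True if a wordlist entry appears in the password, as typed or
    after look-alike characters are mapped back to letters."""
    lowered = password.lower()
    variants = (lowered, lowered.translate(LEET))
    return any(word in v for v in variants for word in WORDLIST)


def check_password(password):
    """Return the list of rules the password breaks (empty list = accepted)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isalpha() for c in password):
        problems.append("no letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    if contains_dictionary_word(password):
        problems.append("dictionary word")
    return problems


if __name__ == "__main__":
    for candidate in ("summer", "Pa55word2003!", "dsf7as!90<3e"):
        print(candidate, "->", check_password(candidate) or "accepted")
```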
Cheers Jim
The Admin Account is long and odd. With all the Windows updates he could not have done a DoS attack.
So somehow he got to the SAM file. So he must have used the Admin password to get in.
SMTP is not a way in I think?
Fook knows
There's countless ways in, if someone is *that* good, it's near enough impossible to safeguard against 100%. Like Jim says, 9 times out of 10 it's weak passwords and/or someone being careless with theirs, giving it out (to anyone) or writing it down.
And yes, SMTP can be vulnerable, *any* open ports can be vulnerable. Check SecurityFocus.com etc. for known loopholes against your particular version.
20K+ Super Poster.
Joined: May 2003
Posts: 20,599
Likes: 0
From: Ramsgate, Kent Drives: E39 530D Touring
johnny, you can even sniff the passwords out on any PC attached to the network and on a hub (not switch) to the server/desktop as they're not encrypted when sent
also you don't need admin access to the machine to get the same file, just physical access to it
Too many posts.. I need a life!!
iTrader: (1)
Joined: Oct 2003
Posts: 837
Likes: 0
From: Chippenham, Wiltshire
Password complexity is only a useful defence against dictionary attacks, I could remove any admin or user password in the time it takes to reboot any Windows server if allowed access to the console
Just ensure you have your updates done and don't run too many services on any box, shut down any service you don't need etc.



