|
Focus on Microsoft
Re: focus-ms (at) securityfocus (dot) com [email concealed] Aug 30 2003 08:49AM fala83@libero.it (fala83 libero it) (5 replies) Wasn't someone looking for a Group Policy collection tool? Oct 04 2003 02:48AM Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net) cached passwords (was RE: focus-ms (at) securityfocus (dot) com [email concealed]) Sep 02 2003 06:28AM Zachary Mutrux (zmutrux compumentor org) Re: focus-ms (at) securityfocus (dot) com [email concealed] Sep 02 2003 01:11AM Sam Baskinger (sam reefedge com) Re: focus-ms (at) securityfocus (dot) com [email concealed] Sep 01 2003 08:23PM Flávio Pereira (fpereirabr yahoo com br) |
|
|
Privacy Statement |
>
> In my opinion a system wouldn'n cache password locally.
> E.g. Sysadmin logs in into a workstation and password will be stored locally. An
> attacker could retrieve his password and login into the whole network whit
> administrative privileges. It is not completely safe.
> I'd rather prefer use Kerberos, using his tickets to access network resource
> without caching password.
> Anyway if the password must be stored locally, it must be!
>
A kerberos (read: network) password doesn't do squat for a disconnected
user wishing to log on with their network account. It is for this
purpose that Windows can and does cache the password, and not just
for a specific user.
Check out http://is-it-true.org/nt/registry/rtips320.shtml
-ds
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
[ reply ]