-
June 5th, 2005, 09:51 PM
#11
http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html
Geez. How difficult is it to remove that final period?
This particular tool is one I use in class when students forget their password or it gets changed during wargames. It's pretty good and I like the fact that it works off of a floppy (yes, those things still exist). If you look you'll see instructions on how to remove a password for an AD as well as AD using Win2003.
-
June 6th, 2005, 04:09 AM
#12
I agree with the second reply. Without physical security there really is no security.
-
June 6th, 2005, 04:21 AM
#13
Banned
Originally posted here by Tiger Shark
Treanglin:
With physical access to the computer there is _no_ way to block the attacker. Everything you want to try to stop them is easily circumvented.... Remember, all he has to do is remove the HD, place it in a different system and boot to his own OS. Your HD is now his to do with what he wishes and his wishes probably don't equal your dreams.....
What if your drive is encrypted? Check out loop-AES or some other data protection encryption. There are ways to ensure that even if your drive is stolen and hooked up to another machine, that the data is protected.
There's ways of stopping people with physical access. This place is very narrow minded.
-
June 6th, 2005, 06:51 AM
#14
Yes, although there are many ways to ecrypt your data there is always the thought that the encryption was created by a program and at the same time can be decrypted.
As for being narrow minded, I would check my attitude at the login prompt I have found some of the most useful and thought provoking information on here from the majority of the "old schoolers."
WITHOUT PHYSICAL SECURITY THERE IS NO SECURITY!!!!!!!!!
- MilitantEidolon
Yeah thats right........I said It!
Ultimately everyone will have their own opinion--this is mine.
-
June 6th, 2005, 06:57 AM
#15
Banned
You go decrypt AES or PGP without my key and get back to me on that. With a combination or encryption and monitoring it is easily possible to control physical access.
-
June 6th, 2005, 07:14 AM
#16
You sure you feel secure with that? Let me ask you would you be willing to put you life on the line for that statement? I don't just mean physically I mean everything to where I would physically own you and everything you ever had/have including family. (This is something my boss would ask me when I would plan for a new security level and people wonder why I am no longer working for her.)
This is when three armed/masked men pull up in black Suburban hop out run in house grab computer (and some cookies from the cookie jar sitting on top the fridge) continue backing out slowly. They proceed to exit the house lay the computer down on the ground and put about 700 rounds in to the computer... Where is your physical security now...!!!! buuuyyaaa!!
- MilitantEidolon
Yeah thats right........I said It!
Ultimately everyone will have their own opinion--this is mine.
-
June 6th, 2005, 07:22 AM
#17
Junior Member
This is when three armed/masked men pull up in black Suburban hop out run in house grab computer (and some cookies from the cookie jar sitting on top the fridge) continue backing out slowly. They proceed to exit the house lay the computer down on the ground and put about 700 rounds in to the computer... Where is your physical security now...!!!! buuuyyaaa!!
- MilitantEidolon [/B]
Okay if they want my box that bad they can have it just dont touch my cookies or else.
Wow this registration form makes me feel stupid. Im scared to go to the forums.
-
June 6th, 2005, 10:51 AM
#18
To call it "NT offline password cracker" is a bit unfair.
It is NOT a cracker and cannot be used to crack passwords. It's simply a utility that allows someone with physical access (presumably legitimately) to reset the Administrator and other passwords.
I have used it on several occasions, for legitimate "data recovery", i.e. someone hands me an old Windows box that nobody seems to know the password for, and wants some data off it.
It's not some sort of l3337 0-DaY Bl4ckH4t T00lz
Slarty
-
June 6th, 2005, 04:43 PM
#19
Slarty is correct, it has nothing to do with "cracking" it is about obtaining control of the operating system, and hence, the computer.............................and I have never heard of anyone who encrypted their operating system and got their computer to reboot
Encryption is for data: physical security needs to be provided physically.
-
June 7th, 2005, 08:11 AM
#20
Junior Member
I know that it is not a "cracker" per say, it was just easier than saying "nt offline password reset tool"
Wow this registration form makes me feel stupid. Im scared to go to the forums.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|