-
June 5th, 2005 09:51 PM
#11
http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html
Geez. How difficult is it to remove that final period?
This particular tool is one I use in class when students forget their password or it gets changed during wargames. It's pretty good and I like the fact that it works off of a floppy (yes, those things still exist). If you look you'll see instructions on how to remove a password for an AD as well as AD using Win2003. 
-
June 6th, 2005 04:09 AM
#12
I agree with the second reply. Without physical security there really is no security.
-
June 6th, 2005 04:21 AM
#13
Banned
Originally posted here by Tiger Shark
Treanglin:
With physical access to the computer there is _no_ way to block the attacker. Everything you want to try to stop them is easily circumvented.... Remember, all he has to do is remove the HD, place it in a different system and boot to his own OS. Your HD is now his to do with what he wishes and his wishes probably don't equal your dreams..... 
What if your drive is encrypted? Check out loop-AES or some other data protection encryption. There are ways to ensure that even if your drive is stolen and hooked up to another machine, that the data is protected.
There's ways of stopping people with physical access. This place is very narrow minded.
-
June 6th, 2005 06:51 AM
#14
Yes, although there are many ways to ecrypt your data there is always the thought that the encryption was created by a program and at the same time can be decrypted.
As for being narrow minded, I would check my attitude at the login prompt I have found some of the most useful and thought provoking information on here from the majority of the "old schoolers."
WITHOUT PHYSICAL SECURITY THERE IS NO SECURITY!!!!!!!!!
- MilitantEidolon
Yeah thats right........I said It!
Ultimately everyone will have their own opinion--this is mine.
-
June 6th, 2005 06:57 AM
#15
Banned
You go decrypt AES or PGP without my key and get back to me on that. With a combination or encryption and monitoring it is easily possible to control physical access.
-
June 6th, 2005 07:14 AM
#16
You sure you feel secure with that? Let me ask you would you be willing to put you life on the line for that statement? I don't just mean physically I mean everything to where I would physically own you and everything you ever had/have including family. (This is something my boss would ask me when I would plan for a new security level and people wonder why I am no longer working for her.)
This is when three armed/masked men pull up in black Suburban hop out run in house grab computer (and some cookies from the cookie jar sitting on top the fridge) continue backing out slowly. They proceed to exit the house lay the computer down on the ground and put about 700 rounds in to the computer... Where is your physical security now...!!!! buuuyyaaa!!
- MilitantEidolon
Yeah thats right........I said It!
Ultimately everyone will have their own opinion--this is mine.
-
June 6th, 2005 07:22 AM
#17
Junior Member
This is when three armed/masked men pull up in black Suburban hop out run in house grab computer (and some cookies from the cookie jar sitting on top the fridge) continue backing out slowly. They proceed to exit the house lay the computer down on the ground and put about 700 rounds in to the computer... Where is your physical security now...!!!! buuuyyaaa!!
- MilitantEidolon [/B]
Okay if they want my box that bad they can have it just dont touch my cookies or else.
Wow this registration form makes me feel stupid. Im scared to go to the forums.
-
June 6th, 2005 10:51 AM
#18
To call it "NT offline password cracker" is a bit unfair.
It is NOT a cracker and cannot be used to crack passwords. It's simply a utility that allows someone with physical access (presumably legitimately) to reset the Administrator and other passwords.
I have used it on several occasions, for legitimate "data recovery", i.e. someone hands me an old Windows box that nobody seems to know the password for, and wants some data off it.
It's not some sort of l3337 0-DaY Bl4ckH4t T00lz 
Slarty
-
June 6th, 2005 04:43 PM
#19
Slarty is correct, it has nothing to do with "cracking" it is about obtaining control of the operating system, and hence, the computer.............................and I have never heard of anyone who encrypted their operating system and got their computer to reboot
Encryption is for data: physical security needs to be provided physically.
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
-
June 7th, 2005 08:11 AM
#20
Junior Member
I know that it is not a "cracker" per say, it was just easier than saying "nt offline password reset tool"
Wow this registration form makes me feel stupid. Im scared to go to the forums.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
Forum Rules
|
|
Reply With Quote
Bookmarks