-
March 29th, 2007, 09:57 PM
#1
Junior Member
Cain and Abel finds my password. what do I do?
I used Cain and Abel and it found my password when I dumped lsa secrets, my pass is long to, its 18 characters containing letters and special characters upper and lower case too. If C & A found my password so easily doesn't that mean someone could get my password just as easy remotely? I thought when u use a long password with special characters it would take someone a long time to get the password, how does C & a find the pass so quickly (less than a second)?
I have the registry key set to 1 for nolmhash in the registry (should that be in hexidecimal or decimal and does it even matter against c & a?)
I'd like to config my machine so it doesn't give up my pass so readily, any ideas on what I should do from here to make my comp more secure reguarding the password?
thanksin advance
-
March 29th, 2007, 11:09 PM
#2
I would suspect that all it is doing is reading cached passwords in LSA secrets.
This article may help:
http://www.windowsnetworking.com/nt/.../rtips36.shtml
-
March 31st, 2007, 02:36 PM
#3
Junior Member
thanks nihil, setting cachedlogonscount to 0 did the trick, cain n abel is no longer finding my pass.
cheers
Similar Threads
-
By DakX in forum Computer Forensics
Replies: 11
Last Post: October 2nd, 2006, 06:47 PM
-
By wildred in forum IDS & Scanner Discussions
Replies: 0
Last Post: January 1st, 2006, 07:48 PM
-
By mmkhan in forum Miscellaneous Security Discussions
Replies: 0
Last Post: September 26th, 2005, 07:48 AM
-
By Irongeek in forum Miscellaneous Security Discussions
Replies: 5
Last Post: June 11th, 2005, 05:53 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|