Re: Windows XP / 2K3 Default Users

From: Peter Wood (peterw@firstbase.co.uk)
Date: Wed Nov 01 2006 - 04:05:48 EST


At 17:27 31/10/2006 -0700, Thor wrote:
<snip>
>Maybe I'm just in a different environment, but when I see people report
>"routine" cracking SAM's, it really makes we wonder who the client-base is.
>I think the last time I was paid for any work with LM cracking was over 10
>years ago. I've been turning off LM since Win2k came out, and have been
>telling people to use pass-phrases instead of passwords since Win2000
>allowed 126 character passcodes. Even something as simple as "my dog has
>fleas" couldn't be rainbow cracked with anything I've seen out there. Of
>course, when you have a pass phrase like "OK, this is my passphrase--crack
>THIS 1 homeboy!" Then the whole thing goes out the window.
<snip>

Hi Thor

We are professional penetration testers based in the UK but working
worldwide, with large corporate clients (many international) in all
industry sectors. I conduct a large number of on-site penetration
tests every year. To date I have yet to find one client who has
consistently implemented Windows passwords/phrases longer than 14
characters and the vast majority have *no* passwords longer than 14.
None of these clients have turned off LM compatibility in policy
either. I give regular talks at (non-hacker) conferences and find
most people have no idea about this issue, despite what you and I
both know and have known since W2K came out.

best wishes
Pete

-----------------------------------------------------------------
Peter Wood FBCS CITP FIMIS MIEEE CISSP
Chief of Operations
First Base Technologies
tel: +44 1273 454525
mob: +44 7774 239915
www.fbtechies.co.uk
www.white-hats.co.uk

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:16 EDT