Hello, As far as I know, the only way to defend against this is to deny access to the SAM files that L0ptcrack uses to guess the passwords. There are two such files and one of them, I can't remember the location off the top of my head, is locked by the system. However, the second SAM file is located in the %systemroot%/repair directory and is used by NT to create a rescue disc. As such, it is available to all users. Therefore, the first defense is to limit access to this file only to administrators (You can also be crafty and audit for any attempted access for this file) However, It is possible to use a normal boot disc with, I think, NTFS2DOS.exe on the machine which will allow anybody booting from the floppy disc to access the NTFS drives and circumvent the security protocols. This will allow unrestricted access to both SAM files. Therefore, think about physical security and not allow the machine to boot from the floppy drive first in the BIOS. Lock the BIOS with a password. This was the advice given to me, but if anybody out there has any better advice, and this is about a year old, could you please tell me. Regards, Edward Petrie-Smith. > -----Original Message----- > From: [EMAIL PROTECTED] > [SMTP:[EMAIL PROTECTED]] > Sent: Sunday, December 27, 1998 11:02 AM > To: [EMAIL PROTECTED] > Subject: Fwd: l0pth crack question > > Hello all, > > > This is not a firewall question but still a security question. > And please excuse my lacking of knowledge. > > > Is there a fix for the l0pth crack for NT passwords? > Did any of the service packs take care of that problem or hasn't > anything > been done about it yet? > > l0pth crack info here -> http://www.l0pht.com > > Thank you for your time, > > Jason > > "Things are not what they used to be > Missing one inside of me > Deathly lost, this can't be real > Cannot stand this hell I feel > Emptiness is filing me > To the point of agony > Growing darkness taking dawn > I was me, but now He's gone." > If you don't know > who > said this,.... > > > Too bad. > > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
