Hopefully not getting too off topic...
Add HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management
Value Name: ClearPageFileAtShutdown
Data Type: REG_DWORD
Value: 1
NOTE: Fills all inactive pages in the paging file with zeros when the
system is shutdown to prevent them from being read by another process.
This registry setting prevents just that.
Mike
----- Original Message -----
From: "Drennan Richard E CONT NEOD" <[EMAIL PROTECTED]>
To: "'Rajesh Divakaran'" <[EMAIL PROTECTED]>; "Kevin Johnston"
<[EMAIL PROTECTED]>; "firewall" <[EMAIL PROTECTED]>
Sent: Monday, August 28, 2000 6:30 AM
Subject: RE: Administrator's password has been discovered bynon-priviledged
user !
> Not only can you go into promiscuous mode, correct me if I'm wrong but, I
> thought that you could boot the NT server on floppy and copy the page file
> to get at the hash.
>
> Regards,
> Richard Drennan
>
>
> -----Original Message-----
> From: Rajesh Divakaran [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 14, 2000 8:26 AM
> To: Kevin Johnston; firewall
> Subject: Re: Administrator's password has been discovered
> bynon-priviledged user !
>
>
> I have checked it.. But i was not able to
> I looged in as a normal user and tried to do it.. but no luck
> where as when i logged in as a admin equalvant user. it did
> could u tell me how it can be done..
>
> rgds
> Rajesh
>
>
> Kevin Johnston wrote:
>
> > Don't need access to the Registry with L0phtcrack. It can sniff the
> > network for NT hashes, including the Administrator's.
> >
> > At 05:22 PM8/14/00 Monday+0530, you wrote:
> > >hi,
> > >l0pht crack will NOT allow to PDC/BDC registry , if u are a normal
> user...
> > >only users with some privilages can access it .
> > >so its not l0pht crack.
> > >
> > >Rgds
> > >Rajesh
> > >
> > >
> > >J wrote:
> > >
> > > > l0pht crack can do it give 24 hrs and the rights to the box.
> > > > ----- Original Message -----
> > > > From: "BY" <[EMAIL PROTECTED]>
> > > > To: "NT 2000 Discussions" <[EMAIL PROTECTED]>;
> > > > <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
> > > > Sent: Saturday, August 26, 2000 5:54 AM
> > > > Subject: Administrator's password has been discovered by
> non-priviledged
> > > > user !
> > > >
> > > > > Hi there,
> > > > >
> > > > > I find this is really very annoying. The user with only a common
> domain
> > > > user
> > > > > priviledge who has no even power user priviledged. How does he
find
> out
> > > > the
> > > > > local administrator's and even the domain account administrator's
> > > password
> > > > ?
> > > > > I just hope he is lying to us. Cant really tell with his cheaky
face
> > > > though.
> > > > >
> > > > > I am surprised that there is a hacking tool that can explore
> anyone's
> > > > > password with just a common domain user's priviledge account ? Can
> > > > somebody
> > > > > what would the possible hacking tools he is using ?
> > > > >
> > > > > A Big Thank You !
> > > > >
> > > > > BY
> > > > >
> > > > > -
> > > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > > > "unsubscribe firewalls" in the body of the message.]
> > > > >
> > > > -
> > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > > "unsubscribe firewalls" in the body of the message.]
> > >
> > >--
> > >---------------------
> > >One day you realize that you are turning bald,
> > >You wish there was 'CUT & PASTE' in life
> > >
> > >
> > >-
> > >[To unsubscribe, send mail to [EMAIL PROTECTED] with
> > >"unsubscribe firewalls" in the body of the message.]
> >
> > *************************************
> > Kevin T Johnston
> > Research Engineer
> > Syracuse Research Corporation
> > 6225 Running Ridge Road
> > North Syracuse, NY 13212
> > Phone: (315) 452-8318
> > FAX: (315) 452-8310
> > Email: [EMAIL PROTECTED]
>
> --
> ---------------------
> One day you realize that you are turning bald,
> You wish there was 'CUT & PASTE' in life
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
