Also, if they are using L0phtcrack, it doesn't do spaces. You could drop a space into the domain admin's password and L0pht won't get past it... We had a wannabe hacker use his workstation to run l0phtcrack on the domain and he got everyone's password (and nearly a termination letter). Everyone's but administrator and mine. (both had spaces in them) ====================================================================== Joseph Voisin, Systems Administrator, Engel Canada Inc. www.engelmachinery.com | [EMAIL PROTECTED] | (519)836-0220 x436 PGP Fingerprint: A20B 135D 0920 074F C7FE D72D 88A7 2521 5138 DFC2 ====================================================================== > -----Original Message----- > From: John Hovell [mailto:[EMAIL PROTECTED]] > Sent: Saturday, August 26, 2000 3:17 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: [FW1] Administrator's password has been discovered by > non-priviledged user ! > > > > BY -- > > How is this relevant to Checkpoint?? This sounds like an NT > admin security > question, better posted to > > news://comp.os.ms-windows.nt.admin.security > > Most likely he is using L0phtCrack from > http://www.l0pht.com/ > > If you don't have real strong passwords, like: > As5d@(f4&3!> > > for example. it is very easy to break Windows NT passwords, > and you can brute force > any NT password at all in about a week on a modern PIII computer. > > If you are really concerned with security *at all* I would > dump NT in a real hurry > as it is notorious for this sort of thing. > > Cheers, > John > > > BY wrote: > > > Hi there, > > > > I find this is really very annoying. The user with only a > common domain user > > priviledge who has no even power user priviledged. How does > he find out the > > local administrator's and even the domain account > administrator's password ? > > I just hope he is lying to us. Cant really tell with his > cheaky face though. > > > > I am surprised that there is a hacking tool that can > explore anyone's > > password with just a common domain user's priviledge > account ? Can somebody > > what would the possible hacking tools he is using ? > > > > A Big Thank You ! > > > > BY > > > > > ============================================================== > ================== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > > ============================================================== > ================== > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
