RE: Defeating password cracking

Yes Anders,

On W2k you can shut of LM Hashes by adding the key HKLM\System\CurrentControlSet\Control\Lsa\NoLMHash (yes just a blank key)

And on XP by adding the value under LSA NoLMHash=1 HKLM\system\currentcontrolset\control\lsa\nolmhash=1

Remember these do not take affect until after the next time a password is changed, then it no longer stores the LM hash.

Also that ALT- character set I put in the original post, I could not get LC4 to reproduce/crack these no matter how short I made the password.

Cheers,

Dave  

>> -----Original Message-----
>> From: Anders Thulin [mailto:Anders.Thulin@kiconsulting.se]
>> Sent: Wednesday, February 19, 2003 03:28
>> To: dave
>> Subject: Re: Defeating password cracking
>>
>> Hello!
Received on Wed Feb 19 14:21:04 2003

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek