Summary


Windows uses a variety of authentication mechanisms to protect passwords between the client and the server. Passwords can be stored in hashed form (LM or NTLM) to prevent easy interception, and four different authentication protocols are used to securely transport logon credentials. Passwords can be compromised through social engineering, guessing, brute force, or cracking. Five recommendations can significantly limit a network's exposure risk to password cracking:

  • Disable LM password hash storage
  • Require long, complex passwords
  • Enable account lockouts
  • Disable LM and NTLM authentication
  • Force moderately frequent password changes
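
A read-only check of the five recommendations on a single machine, added here as an example and not taken from the book. It assumes the standard `NoLMHash` and `LmCompatibilityLevel` values under the Lsa registry key and the `secedit` policy export; the length and age thresholds are illustrative assumptions, since the summary gives no numbers.

```powershell
# Added example: read-only audit of the five recommendations. Run from an elevated
# prompt (secedit /export requires administrator rights).
# ASSUMED thresholds; the summary does not give numbers.
$MinLength  = 14   # "long" password, assumed
$MaxAgeDays = 90   # "moderately frequent" change, assumed

$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

# Export the local security policy and keep the numeric "Name = Value" lines.
$cfg = Join-Path $env:TEMP 'secpol-audit.inf'
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null
$pol = @{}
Get-Content $cfg | ForEach-Object {
    if ($_ -match '^\s*(\w+)\s*=\s*(-?\d+)\s*$') { $pol[$Matches[1]] = [int]$Matches[2] }
}
Remove-Item $cfg -ErrorAction SilentlyContinue

$len = $pol['MinimumPasswordLength']; $cx  = $pol['PasswordComplexity']
$age = $pol['MaximumPasswordAge'];    $bad = $pol['LockoutBadCount']

$checks = @(
    # NoLMHash = 1 stops LM hashes being stored at the next password change.
    [pscustomobject]@{ Recommendation = 'Disable LM password hash storage'
                       Value = "NoLMHash=$($lsa.NoLMHash)"
                       Pass  = ($lsa.NoLMHash -eq 1) }
    [pscustomobject]@{ Recommendation = 'Require long, complex passwords'
                       Value = "MinLength=$len Complexity=$cx"
                       Pass  = ($len -ge $MinLength -and $cx -eq 1) }
    # LockoutBadCount = 0 means accounts never lock out.
    [pscustomobject]@{ Recommendation = 'Enable account lockouts'
                       Value = "LockoutBadCount=$bad"
                       Pass  = ($bad -gt 0) }
    # Level 5 = send NTLMv2 responses only, refuse LM and NTLM.
    [pscustomobject]@{ Recommendation = 'Disable LM and NTLM authentication'
                       Value = "LmCompatibilityLevel=$($lsa.LmCompatibilityLevel)"
                       Pass  = ($lsa.LmCompatibilityLevel -eq 5) }
    # MaximumPasswordAge = -1 means passwords never expire.
    [pscustomobject]@{ Recommendation = 'Force moderately frequent password changes'
                       Value = "MaximumPasswordAge=$age"
                       Pass  = ($age -ge 1 -and $age -le $MaxAgeDays) }
)
$checks | Format-Table -AutoSize -Wrap
```

A missing registry value or policy line shows as empty and is reported as a failure, which flags settings that have been left at their defaults.
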

With a handful of changes, the threat of successful password cracking can be removed. Chapter 5 deals with protecting high-risk files from exploitation.



Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
EAN: 2147483647
Year: 2004
Pages: 122
