Solved

NT servers SAM file

Posted on 2001-07-16
6
346 Views
Last Modified: 2010-04-11
im just checking our password system for holes.
ive noticed that there are still peoples passowords in our sam file, even though there accounts have been deleted, and they have left.

How can i remove them from the SAM file
as surely its highly important that the SAm file is up to date and compact.

thanks

Si...
0
Comment
Question by:SIMONBRATT
6 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6286175
do they disappear if you remove the account from User Manager for Domains?
0
 

Author Comment

by:SIMONBRATT
ID: 6289043
as i say there accounts have been removed, so yes from the UMD.

Si...
0
 
LVL 1

Expert Comment

by:auto65888
ID: 6294609
so... if you have removed the users using user manager for domains how are you seeing that there are still passwords for these users?

are you using some pasword cracker like l0phtcrack or something? are you pulling passwords from the sam._ in the c:\winnt\repair directory? if your using the sam._ file you might not have a current copy. run c:\rdisk /s to update the sam._ file with current data.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:SIMONBRATT
ID: 6297653
i am using lopht to test our system, and i am using the latest sam by doing exactly as you describe, rdisk /s

So its all a bit weird man.

Any other ideas

si...
0
 
LVL 4

Accepted Solution

by:
andydis earned 50 total points
ID: 6298897
NT or 2000 the SAM file will keep the old user names and passwords BECUASE if you havent noticed you are not allowed to recreate the same user logins once they have been deleted.....
so the sam file remembers them so you cannot set them up again!

if you want to get rid of them you may be able to copy the sam file from your BDc (backup domain controller)...
or you still maybe able to hex edit them out.....

There is a add on for 2k and NT that puts hashes in your sam file to make them harder to crack if thats what your worried about  , however if your worried about space i would concentrate on other subjects such as temp files etc etc etc......

Please bear in mind that if you are worried about security sam._ whether in the repair directory or c:\winnt\system32 if very hard to get hold of and is always in use (locked) by NT... i mean you are gonna notice sum1 has taken a copy one way or another...

thats enough blah blah blah for 50 points
0
 

Author Comment

by:SIMONBRATT
ID: 6301292
I'll be the one to let you know when theres been enough Blah Blah for 50 points.
Its quality not quantity that counts.
But as its happens that'll do nicely..

cheers
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now