Solved

Why did this sysadmin use Reversible Encryption?

Posted on 2009-07-14
6
241 Views
Last Modified: 2013-12-04
I've just taken over support on a small Windows server from a prior sysadmin who the Director no longer trusted.  I've looked at the network setup, and notice that the Director's User account is the ONLY account on the network set with "Reversible Encryption".   She does nothing beyond ordinary Office applications, and sometimes uses Remote Web Workspace to connect from home.

Why might he have set this, and what might he have been up to?  If he was snooping, he would have wanted to do it from home, but I'm not sure what benefit there would have been to this setting, when he could already remote in with Admin rights.  The only thing he might have wanted to do which isn't as easy just logging in as admin was to follow her email... so perhaps he wanted to log on as her to snoop that way?  if so, could this have helped?

He was definitely antagonistic towards her - I knew him!


0
Comment
Question by:jennynover
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 120 total points
ID: 24851803
The main use of reversible encryption is to decrypt the password of a user who frequently forgets it - however, it is more likely that in this case the former admin was interested in the password not to log into that system (which could be done easily) but for either or both of

1) access to EFS encrypted files that lack a recovery agent

2) access to other systems (like webmail) as most users use the same password for all their systems.

given he could just have set a recovery agent though, its much more likely to be the latter.
0
 
LVL 4

Author Comment

by:jennynover
ID: 24852733
Thanks. ... and how do you decrypt the password?
0
 
LVL 4

Author Comment

by:jennynover
ID: 24853176
... and is there anything else I should be looking out for to lock down the server (extra points!).  I've closed all ports at the router, except those needed for RWW...   Or any other security holes he might have left I should look out for on the server (I notice that he downloaded TSWeb and saw logon type 8 records from before he left - which may be related).
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 33

Expert Comment

by:Dave Howe
ID: 24861253
I think the "cain" tool from cain and able can do it - admittedly though, I have never tried.
0
 
LVL 4

Author Comment

by:jennynover
ID: 24862794
Thanks Cocobill also for the links, not specific to the Q; but useful information.  Will go through.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question