troubleshooting Question

Protect/prevent Unix passwd/shadow and Windows SAM from being copied out

Avatar of sunhux
sunhux asked on
EncryptionOS SecuritySecurityUnix OS
5 Comments2 Solutions186 ViewsLast Modified:
There's a discussion internally within our corporate if it's a concern that an internal staff attempts to copy out
SAM & passwd  and then run a password cracking tool on it.

Q1:
Is this a valid concern?

Q2:
In DoD B2 (or is it C2), the file containing hashed passwd  'vanishes' : is the purpose to prevent someone from
copying out the hashes for cracking?  Or what's the purpose of doing this?

Q3:
What are the measures we can put in place to prevent internal staff from making cracking attempts on SAM
& a Unix file containing the hashed passwords?  Should stronger hash (what's the current best practice?)  or
encryption be used?
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 5 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros