BetaONE will rise again!


Reply
  #1  
Old 20th Dec 02, 12:04 PM
ironleg1963 ironleg1963 is offline
Member
 
Join Date: Dec 2001
Location: idaho
Posts: 45
ironleg1963 is an unknown quantity at this point
Send a message via AIM to ironleg1963 Send a message via MSN to ironleg1963
I have a question for the xp and windows 2000 guru`s out there. My last job was doing tech support for a major computer company. we did support for all the operating systems the company sold with it`s systems. anyway my question is we found a way to change the admin password from a command prompt for windows xp.
here is the command in windows xp pro corporate edition from a command prompt;
cd\
in the root of your system partition type in

net user administrator *
it will ask you to type in a password for the user
then ask you to retype the password in
and then inform you that it was successful in changing the password.

anyway you can change the admin password even from a limited account. i did some checking and this command is used for primaraly changing passwords on a domain controller. there is a q article on this from microsoft, but i do not have it right now to add it.my question is how would you block this from happening?
i know you could remove access to the command prompt or the run feature, but what is stopping someone from booting up with a ntfs boot disk and changing it anyway.
i know if you want to reset the password in windows 2000 pro, server and advanced server you can go into the winnt\system32\config directory and rename the security file to anything you want. then go into the winnt\repair directory and copy the security file over to the config directory and it will ask you for a new admiin password when you reboot. the drawback is that you will need to rebuild all your network connections again.
if you download the service packs it should make it harder to change the admin password in 2000. i want to know how to set up the security because i want to get into network security after i get out of college. i realize there are programs out there that will crack passwords (I.E - L0pht Crack, linux boot disks, and ERD2002, to name a few). so can anyone tell me how to set up the security to reduce the possability of people gaining access where they should not? Any help or advise on this is greatly appriciated,
Thanks!
ironleg1963
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 07:33 AM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.