Skip to Content
Microsoft® Windows® 2000 Security Handbook
book

Microsoft® Windows® 2000 Security Handbook

by Jeff Schmidt
August 2000
Intermediate to advanced
800 pages
21h 5m
English
Que
Content preview from Microsoft® Windows® 2000 Security Handbook

The Risks of Using NTLM

The first and foremost risk with a Windows 2000 or NT system is control over the SAM database. As you undoubtedly know, all user accounts and passwords are stored in the SAM database on NT systems. With Windows 2000, workstation and local logins are managed using information retained in the SAM database, and of course, the SAM is used exclusively if Active Directory is not in use.

Stealing the SAM database would be the easiest route to take. By default, Windows NT stores a copy of the SAM in the folder called %root%\repair. Access to this critical folder allows anybody to read, and hence to steal, the contents. Restricting access to administrators only is the first improvement to make.

With a copy of the SAM database, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Windows Server® 2008 Security Resource Kit

Windows Server® 2008 Security Resource Kit

Jesper M. Johansson
Windows Server® 2008 Active Directory® Resource Kit

Windows Server® 2008 Active Directory® Resource Kit

Conan Kezema Stan Riemer Mike Mulcare, Byron Wright, and Microsoft Active Directory
Microsoft® Windows® Internals: Microsoft Windows Server™ 2003, Windows XP, and Windows 2000, 4th Edition
Microsoft Internet Information Services 7.0

Publisher Resources

ISBN: 0789719991Purchase book