Eye Opener

Did you know how easy it is for someone to obtain passwords and other sensitive information from your computers? All they have to do is gain physical access to your machines and run LSADump2 on them. And if your computer belongs to a domain then you’re domain is in trouble! Even passwords used by system services are accessible by dumping LSA secrets like this. Yikes!

What does this tell us? If you don’t have *physical* security for your machines, you don’t have *any* security. Sure, long passphrases will slow an attacker down, but if they can gain access to a domain machine and run a password cracking tool on it, you’re domain is 0wn3d and you better start updating your resume!

Review the physical security of your network today and make sure you’re doing everything you can to protect your information assets!

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top