Re: Syskey

In news:43cbb66f$1_2@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx,
Dan <dan@xxxxxxxxxxxx> stated, which I commented on below:
> I have a question about the syskey utility..does it encrypt the SAM
> database? would this make well-known SIDs such as Administrator's more
> difficult to crack.
>
> Or is the SAM already encrypted in W2k/2k03 and this utility just
> makes the startup key or access to it exportable?
>
> Thanks

The startup key is exportable if you want it on a floppy. It protects the
SAM database but if you move it off the system, it may prevent stuff like
L0pht from cracking it, but I haven't tested that yet. If you do, let me
know.

Here's more info on the syskey and what it does.
How to use the SysKey utility to secure the Windows Security Accounts
Manager database
http://support.microsoft.com/kb/310105


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

If you are having difficulty in reading or finding responses to your post,
instead of the website you are using, if I may suggest to use OEx (Outlook
Express or any other newsreader of your choosing), and configure a newsgroup
account, pointing to news.microsoft.com. This is a direct link into the
Microsoft Public Newsgroups, and it is FREE and DOES NOT require a Usenet
account with your ISP. With OEx, you can easily find your post, track
threads, cross-post, and sort by date, poster's name, watched threads or
subject.

Not sure how? It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Assimilation Imminent. Resistance is Futile.
Infinite Diversities in Infinite Combinations.
=================================


.

Relevant Pages

  • RE: two questions that need answering
    ... that you can't just yank the SAM and start cracking when SYSKEY is installed ... The password portion of the SAM is now encrypted by a "stronger" ... If you want to get the real password hashes, then you need to use a tool ... Windows 2000 systems, as Windows 2000 uses ...
    (Focus-Microsoft)
  • RE: Syskey on Win2k
    ... into a txt file and then just import the dumped sam into LC4 ... Subject: Syskey on Win2k ... > since I know Syskey is supposed to be 128 encryption. ... 'Syskey thwarts this attack by encrypting the SAM database using strong ...
    (Security-Basics)
  • Re: SysKey
    ... pass the decrypted hashes back to the online SAM or DC ... Also there is some Microsoft webcast about this passwords ... >protected with syskey other than default level, ... >ten minutes by first resetting the administrator password ...
    (microsoft.public.win2000.security)
  • Re: Do I need to use the SysKey utility to enhance the security?
    ... Syskey is used to protect the local sam on a computer. ... password at boot up or floppy disk to access the operating system at start ...
    (microsoft.public.security)
  • Re: Passfilt.dll and Syskey
    ... I searched on our database and did not find ... any issues about syskey after upgrading DC to 2000 AD. ... | What are the procedures for upgrading to Windows 2000 from ... I am about to upgrade to ...
    (microsoft.public.win2000.security)