markwilson.it

Tag: Security

  • Why physical access to a PC is so useful for a hacker

    This week, I’ve been attending a (Microsoft-sponsored) training course, looking at Windows security. Now, what happens when you get a bunch of techies together in a room and talk about security? Exactly! We all start to think of ways around things. Like the classroom PCs with locked-down configurations…

    …the guy sitting next to me (who will remain anonymous, as will the training provider) had a Winternals ERD Commander 2003 boot CD.

    Using this, we were quickly able to reboot, launch the Locksmith utility and reset the administrator password to one of our choice, following which we had unrestricted access to the PC.

    It was all just a bit of harmless fun within a classroom environment, but it goes to show why physical access is such an important part of a defence in depth strategy.

  • Scripting changes to resource permissions in Windows

    Earlier today, I needed to include some registry permissions changes within a command line script that I was writing. Microsoft knowledge base article 245031 discusses a method using the regini.exe resource kit tool for Windows NT 4.0; however, for Windows 2000, XP and Server 2003 there is the SubInACL utility (subinacl.exe) which is far more powerful and much easier to use, enabling administrators to obtain security information about files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain.