Archive for the ‘IT Security’ Category

Brute-Force and Dictionary Password Attacks

Saturday, February 6th, 2010

2008-01-26 Initial Post

From what I’ve been able to determine, these types of attacks are very difficult against an account database such as Active Directory. Here are my thoughts on this: (more…)

Network Sniffer Limitations

Saturday, February 6th, 2010

2008-12-30 Initial Post

Data travelling in clear text is vulnerable to network sniffers, but technologies such as network switches and VLANs make it difficult to actually sniff all packets. Switches and VLANs contain broadcast traffic. (more…)

Password Synching For Remote AD Users On VPN

Saturday, February 6th, 2010

2009-07-28 Initial Post

Tested on Windows XP SP3 with Cisco VPN Client 5.0 and Windows Server 2003 SP2 AD

Remote users who need to sync their laptop’s locally cached password with their AD password can do the following: (more…)

Adobe PDF File Security and Password

Saturday, February 6th, 2010

2009-01-22 Initial Post

As simple as it seemed, I couldn't find any good info on PDF file security, so I did some research on it and here are my notes:

From what I’ve read so far, 128-bit RC4, when used as the user password (password to allow opening the PDF file), is not feasibly crackable if a complex password is used. There are some utilities that can crack the master/owner password (password that restricts printing, copying text, modifying, etc.), but they can’t feasibly crack a complex user password. (more…)

RPC Encryption -> Outlook 2003, Outlook 2007, Exchange Server 2003

Saturday, February 6th, 2010

2009-01-12 Initial Post

Apparently the RPC traffic between Outlook 2003 and Exchange Server 2003 is encoded, but NOT ENCRYPTED, by default. To encrypt it, you can enable the option “Encrypt data between Microsoft Office Outlook and Microsoft Exchange Server” in Outlook 2003. Outlook 2007 enables that option by default. (more…)