Preface: FTP sam fileLogo -Internet Security Systems

FTP sam file
advICE :Intrusions : 2003602
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

An attempt to access the SAM (Security Accounts Manager) file, which the encrypted user account information including passwords.

Details

The SAM database is where all the WinNT and Win2k password information is stored. This alert triggers when an attempt was made to read this file using FTP. Several bugs in Windows FTP services have been discovered that might lead to access any file on the system; the SAM file is one of the most desireable targets of an exploit of such bugs.

If a remote intruder is able to retrieve this file, the intruder will then attempt to crack the encrypted passwords.

 more information
More information on the SAM file  
This section describes more about the important of the SAM file.  
CIAC: H-45   Windows NT SAM permission Vulnerability
Bulletin by the DoE CIAC about this problem.  
Security Watch: It's about time to get cracking on Windows NT password security  
Describes how administrators can "crack" their own SAM files in order to find weak passwords. This also gives a good description of how easy it is to crack such passwords.  
l0phtcrack  
Cracks NT passwords and provides tools for extracting the SAM file either locally or remotely.  
Recommendations on protecting the SAM file.  
 

 parametric information
protocolThe protocol in which this file name was used.
filenameThe complete filename.

 
Version appeared: 2.0
Privacy Policy |  Copyright Info