Tag: brute_force_attack

Turn on auditing to monitor account attacks

March 08, 2007 by Jason

There is no doubt that all of the security features in Windows Vista will help keep your computer secure. However, these features become less valuable when they are not turned on by default. One feature, known as user account auditing, is not turned on by default. With this feature is turned off, anyone with physical access or remote access to through a hole in your firewall (such an opening for Remote Desktop) can use a brute force attack against your user account for as long as they want without getting noticed at all. How? The default audit security policy is configured to not log any account logon events, successful or failed.

This allows an attacker to try to hack your accounts for as long as it takes to break in. There are a few ways to protect against this that I am going to go over in my next article about the Account Lockout policy. But first, it is important to turn on this account auditing so that you can see who may be trying to break into your accounts. After you have adjusted the auditing security policy, you will be able to see any account attacks including the account that they tried to logon with and where the request came from. Read More»

Posted in Hardware, Windows Vista, Windows XP | No Comments »

Vista Activation Succumbs To Brute Force

March 03, 2007 by Jason

IT LOOKS LIKE Microsoft’s unhackable OS activation malware has been hacked. There is an active thread at the Keznews forums, and a summary on its main page about the crack. It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation.

It is ugly, takes hours, is far from point and click, but it is said to work. I don’t have any Vista installs because of the anti-user licensing so I have not tested it personally. The method of attack has got to be quite troubling for MS on many grounds. The crack is a glorified guesser, and with the speed of modern PCs and the number of outstanding keys, the 25-digit serials are within range. The biggest problem for MS? Read More»

Posted in Windows Vista | No Comments »