How to make sure your XP machine is safe

How safe is your windows machine? Would Putting a password for your account and changing the administrator’s password, guarantee your machine’s safety? No it won’t.

Windows passwords are stored in a file called SAM which could be located at C:/windows/system32/config folder. It’s inaccessible from within windows. But all you need to get access to the SAM file is a bootable Linux CD. Once you boot from a Linux CD you can just navigate to the specified location and copy the SAM file. Believe me it is easy as that.

If you use Backtrack which is a popular Linux distribution used for penetration testing rather than a normal Linux distribution you can try to crack the SAM file without leaving the targeted machine. Backtrack has all the tools you would ever want for these kind of things. You can use ‘john the ripper’ to try to crack the SAM file with the use of a dictionary file. Which is nothing more than a collection of possible passwords. Or you can use this tool called chntpw which can be used to inject a username and a password to the SAM file. Then you can use that username and password to log into the system.

If you are booting from any other Linux distribution you can just copy the SAM file to a pen drive and take it home! yes take it home and crack it. You can use a tool like ophcrack to crack a SAM file.

Ok then here is the good news. You can easily protect yourself from these kind of attacks. The best way is to put a BIOS password and change the boot order in such a way that first choice to boot would be the hard drive. This would prevent booting the machine from bootable disks. If that is impossible, it is best to use characters other than alphanumeric characters such as ‘$#%’. These symbols make it hard to crack passwords.

Advertisements

4 responses to “How to make sure your XP machine is safe

  1. You have provided more ways to crack a winXP system than protecting it. 🙂

    I have heard that if the password is longer than 15 charters it will be also hard to crack the password.

    And it will be good if you can provide more information on protecting a machine for Virus also.

  2. Thanks for that. Very interesting

  3. hello sir . i have download the ophcrack software but how to use this. please send information how to crack windows xp administrator password if the user forgot the administrator password

    my email id is jayanth.lucky@gmail.com

    thanks

  4. Hi! I was surfing and found your blog post… nice! I love your blog. 🙂 Cheers! Sandra. R.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s