Microsoft® Windows® 2000 Security Handbook

The Risks of Using NTLM

The first and foremost risk with a Windows 2000 or NT system is control over the SAM database. As you undoubtedly know, all user accounts and passwords are stored in the SAM database on NT systems. With Windows 2000, workstation and local logins are managed using information retained in the SAM database, and of course, the SAM is used exclusively if Active Directory is not in use.

Stealing the SAM database would be the easiest route to take. By default, Windows NT stores a copy of the SAM in the folder called %root%\repair. Access to this critical folder allows anybody to read, and hence to steal, the contents. Restricting access to administrators only is the first improvement to make.

With a copy of the SAM database, ...

Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft® Windows® 2000 Security Handbook by Jeff Schmidt

The Risks of Using NTLM

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly