Thursday, April 30, 2009

Passwords in plaintext?

It has been a week since I could post on here, and the reasons range from mundane to just downright stupid.

I really didn't have anything to post earlier in the week. I had decided to change my test bed set-up. Instead of: 1 DC, 1 MS, 1WS, all on an XP host, I converted another real box into a server. In this way, I can better duplicate network traffic for capture, and for testing functionality. I did originally think that I was OK with just using a virtual network on one box. However, I started to notice "little things" in the VMWare Server environment. The biggest one was that joining the domain took not only creating the computer in AD, but the Host Record (A) in DNS, along with restarting (so far) a minimum of three times. I have never had that happen before, believe it to be a hardware issue on the boxes I am using, and have moved passed that issue.

The really stupid thing that cost me a whole day: I was indirectly involved with a friend of mine who had found out that an admin had placed a very interesting plaintext file on a desktop. Apparently, the file had an Overly obvious name, and contained the admin account name and password for a vital application (this account also happened to be a domain account, and was part of Enterprise, Domain, and Schema admin groups...don't ask).

In any event, if anyone ever reads this and wonders what the set-up is now:
1 DC, 2 MS (virtual), 3 WS (2 virtual, 1 host).