Thursday, April 17, 2014


Yesterday I purchased kon-boot utility for testing purpose from PIOTRBANIA.COM, and today I found our Domain Controller in front of me J, our domain controller is windows 2008 R2. Actually the utility worked perfectly and it bypassing the domain administrator Password simply. Kon-boot is awesome utility, it is simple and cheap.

To avoid this kind of bypass, I strongly recommend to do the following:

  1.        Disable USB/CD from Bios
  2.        Protect access to Bios with password
  3.        Disable boot from LAN on all servers
  4.        if available, use Secure Boot feature.
  5.        Physically lock servers to avoid Bios password reset
  6.        Keep monitor servers room entrance

Using this utility will allow hackers to open a door or create a username with full privilege on the network to use it later.

And finally, I like this utility. And would thank the team behind it.


1 comment: