[Samba] samba password hashes exposed to ldapsearch
Amin Al-Regani
reganaminal at gmail.com
Tue Jul 29 20:47:05 GMT 2008
Thanks for all your help. Several people replied with good advice. I have
found out how to hide the Samba hashes from anonymous access and have
modified the FDS wiki to show the procedure.
On Mon, Jul 28, 2008 at 4:59 PM, Charlie <> wrote:
> A properly configured LDAP server will not allow anything but the
> samba daemons to read windows hashes; they are plaintext password
> equivalent since they can be cracked quite trivially with freely
> downloadable tools.
>
--
Amin Al-Regani
More information about the samba
mailing list