problems with smbpasswd (joining a SAMBA-Domain)
Matt Chapman
matty at cifs.org
Mon Oct 18 01:31:24 GMT 1999
On Mon, Oct 18, 1999 at 11:03:29AM +1000, Murray Gibbins wrote:
>
> Having "encrypt passwords = yes" still allows access, the password is
> always encrypted into the same string each time, into so-called 'text
> equivalent passwords'; all a sniffer needs to do is identify the packets
> making up this encrypted password and send it off to the server, which
> will validate it.
Yes and no.
The encrypted password - as stored in smbpasswd for example - is the same
each time, and is plaintext equivalent, i.e. as you say can be used to
gain network access.
What is actually sent over the wire is just a hash with a server challenge,
from which it is not possible to recover the encrypted password.
Cheers,
Matt
--
Matthew "Austin" Chapman
SysAdmin, Developer, Samba Team Member
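
The distinction drawn in the reply above, as an added example that is not part of the original message and not Samba code: the stored hash is fixed and is enough on its own to answer a challenge, while the response seen on the wire is tied to one server challenge. HMAC-SHA256 and SHA-256 stand in for the real LM/NT algorithms, and the account name, password and class names are constructed for illustration.

```python
import hashlib
import hmac
import os

def stored_hash(password: str) -> bytes:
    # Stand-in for an smbpasswd entry: deterministic, so identical every time.
    return hashlib.sha256(password.encode("utf-8")).digest()

def response(pw_hash: bytes, challenge: bytes) -> bytes:
    # What crosses the wire: the stored hash keyed over the server challenge.
    return hmac.new(pw_hash, challenge, hashlib.sha256).digest()

class Server:
    def __init__(self, accounts):
        self.db = {user: stored_hash(pw) for user, pw in accounts.items()}
        self.pending = {}

    def new_challenge(self, user: str) -> bytes:
        self.pending[user] = os.urandom(8)  # fresh random challenge per logon
        return self.pending[user]

    def verify(self, user: str, resp: bytes) -> bool:
        challenge = self.pending.pop(user, None)  # each challenge is single use
        if challenge is None or user not in self.db:
            return False
        return hmac.compare_digest(resp, response(self.db[user], challenge))

def demo():
    password = "constructed-sample-password"  # constructed sample value
    srv = Server({"murray": password})

    # 1. Normal logon: the client derives the hash from the typed password.
    c1 = srv.new_challenge("murray")
    sniffed = response(stored_hash(password), c1)
    login_ok = srv.verify("murray", sniffed)

    # 2. The captured response is presented again, but the challenge changed.
    srv.new_challenge("murray")
    replay_ok = srv.verify("murray", sniffed)

    # 3. The stored hash alone answers a challenge (plaintext equivalent),
    #    which is why the smbpasswd file needs the protection a password does.
    c3 = srv.new_challenge("murray")
    hash_only_ok = srv.verify("murray", response(srv.db["murray"], c3))
    return login_ok, replay_ok, hash_only_ok

if __name__ == "__main__":
    print(demo())
```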