NT Domain DoS and Security Exploit with SAMBA Server

Gerald Carter cartegw at Eng.Auburn.EDU
Wed Mar 3 19:46:57 GMT 1999

Luke Kenneth Casson Leighton wrote:
> > If you set the workgroup to be the same as the domain of
> > the NT PDC you are referring to, Samba will attempt to
> > register the workgroup<1b> record (due to domain logons being
> > enabled).
> are you sure?  it should only register workgroup<1c>.  
> if workgroup<1b> is also being registered when 
> "security != user" then this is a mistake.

Perhaps I am mistaken then.  My understandingh was 
the 'security = server' reported itself as 
user leve security and could be used for domain 
logons.  domain<1b> is used to locate the DC for a 
domain, right?

                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at eng.auburn.edu             http://www.eng.auburn.edu/users/cartegw

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )

More information about the samba-technical mailing list