NT Domain DoS and Security Exploit with SAMBA Server
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Wed Mar 3 20:00:06 GMT 1999
On Wed, 3 Mar 1999, Gerald Carter wrote:
> Luke Kenneth Casson Leighton wrote:
> >
> > > If you set the workgroup to be the same as the domain of
> > > the NT PDC you are referring to, Samba will attempt to
> > > register the workgroup<1b> record (due to domain logons being
> > > enabled).
> >
> > are you sure? it should only register workgroup<1c>.
> > if workgroup<1b> is also being registered when
> > "security != user" then this is a mistake.
>
> Perhaps I am mistaken then. My understandingh was
> the 'security = server' reported itself as
> user leve security
not sure.
> and could be used for domain
> logons.
yes, you can.... it looks like nt PDC attempts to contact such hosts as
BDCs and goes belly-up when the PDC has gone down for a while.
> domain<1b> is used to locate the DC for a
> domain, right?
yep.
domain<1c> is for BDCs and DCs.
<a href="mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href="http://www.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://samba.org" > Samba Web site </a>
=====================================================================
Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183
Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000
Internet Security Systems, Inc. | ISS Fax : (678) 443-6477
http://www.iss.net/ *Adaptive Network Security for the Enterprise*
ISS Connect - International User Conference - May '99
=====================================================================
More information about the samba-technical
mailing list