[Samba] security consideration

Andrew Bartlett abartlet at pcug.org.au
Thu Feb 21 14:24:04 GMT 2002


"Ilia E. Chipitsine" wrote:
> 
> Dear Sirs,
> 
> is there any program like 'crack-5' in order to break smbpasswd ?
> 
> what is stronger:
> 
> 1) MD5 passwords ? (I'm using FreeBSD)

Probably

> 2) DES passwords ?

weak, but if salted its not cleartext equiv

> 3) Kerberos 5 ?

Depends on enc types used, cleartext equiv

> 4) smbpasswd ?

Very weak, cleartext equiv.

The LM hash in smbpasswd is very weak, and I'm told it can be 'broken'
in rather short order.

But none of the above is relevent unless the passwords are not in the
dictionary!

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba mailing list