[Samba] compromising security
Andrew Bartlett
abartlet at samba.org
Wed Jul 6 22:19:02 GMT 2005
On Mon, 2005-07-04 at 16:57 -0500, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Tomasz Chmielewski wrote:
>
> > All that should be done is to unplug the workstation
> > from the network, then plug a laptop with a network sniffer
> > into the workstation (connect the network cards), and
> > watch the traffic... If the laptop acts with a name of a "real"
> > server, and has "encrypt passwords = no" - would the workstation
> > send the credentials in plaintext, and thus, all carefully
> > crafted security would be compromised?
> >
> > Or is something fundamentally wrong in my thinking
> > (hopefully)?
>
> Current Windows clients will not send the clear text of a
> password unless you have configured a registry setting to tell
> them it is OK. Around Windows NT 4.0 SP3, MS had the same
> thought you did.
However, the lanman password that is still sent by default is not
difficult to crack, but it does take much longer than just reading the
network sniff.
It is best to use > 14 char passwords for such accounts, as windows will
not store nor use the LM password in that case (the other option
involves the registry, and disabling that).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050707/46654c9c/attachment.bin
More information about the samba
mailing list