Great Circle Associates Firewalls
(January 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: BoS: A WfW security curiosity (possibly another security hole) (fwd)
From: Michael Nelson <mikenel @ netcom . com>
Date: Thu, 18 Jan 1996 13:59:40 -0800 (PST)
To: Brain21 <brain21 @ montag33 . residence . gatech . edu>
Cc: firewalls @ greatcircle . com, hackmsoft @ c2 . org, pgut01 @ cs . auckland . ac . uk
In-reply-to: <Pine . LNX . 3 . 91 . 960118111416 . 10297E-100000 @ montag33 . residence . gatech . edu> 
On Thu, 18 Jan 1996, Brain21 wrote:

> On this list, we discussed M$ password scheme.  I think that this is 
> relevant to the list.  This is just another password problem w/ M$ 
> software that people should be aware of, especially when securing 
> corporations that use this stuff.

The WFWSYS.CFG file can be freely modified using the admincfg.exe provided
with Windows for Workgroups. The file keeps track of configuration options
for WFW networking. Some of the options include:

Enabling/Disabling file, printing, DDE sharing
Enabling/Disabling password caching
Password expiration
Domain Validation
... and a bunch of other stuff ...

admincfg.exe is on one of the WFW disks, but it is not installed by 
default. Also note, that admincfg.exe gives you the ability to 
password protect this file to prevent casual trouble-makers from 
playing with it.

-- MIke
References:
Indexed By Date Previous: Firewall Questions (long)
From: "Brian K. Walters" <psiphi @ voicenet . com>
Next: Wonderings
From: Sick Puppy <sikpuppy @ maestro . com>
Indexed By Thread Previous: BoS: A WfW security curiosity (possibly another security hole) (fwd)
From: Brain21 <brain21 @ montag33 . residence . gatech . edu>
Next: Sidewinder URL
From: "FreedmanJ" <FreedmanJ @ mail . ndhm . gtegsc . com>
Google
 
Search Internet Search www.greatcircle.com