Great Circle Associates Firewalls
(December 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: NT filesharing security broken
From: "Stout, Bill" <bill . stout @ hidata . com>
Date: Tue, 17 Dec 1996 09:31:05 -0800
To: "'Firewall List'" <firewalls @ GreatCircle . COM> 
If you connect NT systems to the internet, TURN OFF SERVER SHARING!

I had posted previously my belief that SMB security is broke, since even
administrative shares allow access as a valid user using only plain text
UIDs in the SMB/NetBios messages.

The following link is an Article in Dec 16 (Monday) Information week
which 
talks of an undisclosed hack and exploit programs which will be
effective
to access any file in an NT system until NT has Kerberos.

http://www.techweb.com/se/directlink.cgi?IWK19961216S0026

Bill Stout
Follow-Ups:
Indexed By Date Previous: Long Post... Is Microsoft Asking for Trouble or Is it in Denial?
From: Nachos served with butter <nachos @ dis . org>
Next: HELP ! w/dns and fw-1
From: "Martin C. Walker" <martinw @ epcorp . com>
Indexed By Thread Previous: Long Post... Is Microsoft Asking for Trouble or Is it in Denial?
From: Nachos served with butter <nachos @ dis . org>
Next: Re: NT filesharing security broken
From: Craig Brozefsky <cosmo @ ebs . net>
Google
 
Search Internet Search www.greatcircle.com