NOVELL FOLK. WHY AREN'T YOU USING THIS TO "BURY" THEM?? I WOULD HAVE A "FIELD DAY" WITH THIS! WHAT ARE YOU AFRAID OF??? "TRASH THEM", "BURY THEM". MAN, YOU GOT THE GOLDEN OPPORTUNITY HERE!!!!!!!!!!!!!!!!!!!
Joe...<WANT ME TO DO YOUR PR? .... IT'LL COST YA' (BIG TIME), BUT I GUARANTEE RESULTS! <GRIN>>
monmouth.com
=====================================================================
Utility to manage NT/Unix files leaves NT passwords vulnerable
By Judy DeMocker
InfoWorld Electric
Posted at 8:29 AM PT, Apr 4, 1997
In the process of solving the problem of managing password files for both Windows NT and Unix, a programmer may have left networks running NT wide open to attack.
Using a utility the programmer developed and that is freely available on the Internet, administrators can access for the first time the Security Accounts Manager file of NT, which houses system passwords.
"This utility program meets a need, solving the problem of password synchronization between Unix and NT," said Jeremy Allison, programmer at Cygnus Solutions, in Sunnyvale, Calif., who authored the utility. "But it puts in plain sight what Microsoft should have documented a long time ago: the hashed passwords."
Although the utility itself doesn't compromise the security of the NT environment, it does contain code that can be used to gain access to the system's password file and can be used to create a program to impersonate a user on a network or to capture passwords that have been encrypted.
Microsoft has greatly downplayed the potential breaches in security, saying that passwords will only be vulnerable to systems administrators, and that alternating lowercase and uppercase letters with numbers in a password is sufficient protection.
Some analysts also questioned the severity of the security risk, although acknowledging its potential for damage.
"Someone had to screw up setting up the accounts in order for there to be any exposure to this utility," said Tom Harris, research director at International Data Corp., in Framingham, Mass. "If you rely on the defaults, though, you're taking your chances."
One hacker, who goes by the pseudonym Maglite, said that extraction programs are nimble enough to sort out variations in case and numbers, and that his fellows in Boston, Seattle, and Australia have actually created hacking tools that can do point-and-click password extraction. Those programs are expected to hit the streets by this weekend.
Once a CIFS plain-text password is known, a dictionary test will reveal the English password, effectively decrypting the password, which can then be used to attack a system.
The password of a privileged account, such as that of a systems administrator, can give an unauthorized user comprehensive control of a network, including the ability to add new users to a network. Those passwords are best captured using a Trojan Horse, a very sophisticated program that captures a plain-English password as it is typed in.
Maglite offers one way to avoid such programs.
"Never log in as 'Administrator,' because that's when you're vulnerable to a Trojan Horse," Maglite said.
Maglite has in hand a Trojan Horse program, the most sophisticated way to learn passwords, that uses the utility's code and can make NT networks vulnerable. He said he will not release it to the public.
"That would be irresponsible," Maglite said.
For more information, check out dis.org.
Microsoft Corp., in Redmond, Wash., is at microsoft.com.
Bob Trott contributed to this story.
Please direct your comments to InfoWorld Electric News Editor Dana Gardner.
Copyright (c) 1997 InfoWorld Publishing Company
=====================================================================