[ale] smb sharing

David Hamm dhamm at itserve.com
Thu Oct 2 16:56:35 EDT 1997


>David,
>
>Samba uses Lanman authentication which sends passwords as clear text. Prior
>to SP3 NT was defaulted to use a secure NT session for logon but for
>backward compatibility with Lanman servers it would honor a servers request
>for a non-secure logon. This left the system vulnerable to a sniffing and
>man in the middle attacks. SP3 included a new registry entry that allows
>you to set the type of authentication you want. The default is for secure
>logons only.
If this is the case then why can I mount the other smb servers?

> There is also a set of libraries for Samaba that enable it to
>do secure logons.
>
>The following knowledge base article discuses the changes in SP3 and how
>they affect SMB logons.
>
>With Unencrypted Password SP3 Fails to Connect to SMB Server
>
>When attempting to connect after you upgrade to Windows NT 4.0 Service Pack
>3, you receive the following error message: 
>
>     System error 1240 has occurred.
>
>     The account is not authorized to login from this station.
>
>
>http://www.microsoft.com/kb/articles/q166/7/30.htm
>
>
>
>These are the Samba sites:
>
>http://samba.anu.edu.au/
>http://samba.anu.edu.au/samba/
>
>
>Another sysadmin that I know was having the same problem. The following is
>an excerpt from a message they sent to me about how they fixed Samaba so
>that it defaults to secure logons.
>
>>1) get and compile the libdes libraries. the source is available from
>>ftp://samba.anu.edu.au/pub/libdes/
>>
>>Rick said that he installed the patch 1 to the ...17 release of Samba
>>and went to the above location and got all the libdes libraries and it has
>>fixed all of his NT problems - he was getting back the same error messages
>>we were getting.  He gave me a userid and password on his system and I
>>logged in quite successfully using my userid and password.
>>
>
>keith
>-------------
>
>Keith R. Watson                        GTRI/AIST
>Computer Services Specialist IV        Georgia Institute of Technology
>keith.watson at gtri.gatech.edu           Atlanta, GA  30332-0816
>404-894-0836

------         David Hamm - dhamm at itserve.com           --------






More information about the Ale mailing list