Re: [Samba] how safe is "net use" in a batch file? plus some encryption questions
- Date: Sat, 11 Nov 2017 13:32:31 -0600
- From: Andrew Walker via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] how safe is "net use" in a batch file? plus some encryption questions
On Sat, Nov 11, 2017 at 12:26 PM, Stefan G. Weichinger via samba <
> Am 2017-11-11 um 13:36 schrieb Rowland Penny:
> > As far as I am aware, 'net use' sends the password unencrypted, so if
> > someone is trying to 'sniff' the password, they will get it, but then
> > if the password is stored in the bat file unencrypted and anybody can
> > read the bat file, they wont need to 'sniff' the password.
> Yes, we know ;-)
I thought "net use" will use ntlm for auth (no clear-text passwords passing
over the wire). At least that's what I see in wireshark on modern windows.
> The thin client with the batch file is physically far away from the
> server which is in a protected rack inside a closed basement.
> I think I will try to wireshark such a session. Just to learn.
> > You can make XP use NTLMv2, see here:
> > https://www.imss.caltech.edu/node/396
> Great, I will test that on monday. thanks.
> > I don't know who your customer is, but they really should find a more
> > up to date way of doing things.
> That's why we talk and discuss these issues.
> > Cannot help you with encryption, I don't use it. However I feel that I
> > should point out that the rest of the system seems to be so insecure,
> > that if a badhat does get in, they will problem get the encryption keys
> > as well.
> oh, come on, it's not that bad ;-)
> greets, Stefan
Unless your XP systems are air-gapped, it is that bad ;-)
I know that in some cases it's impractical to upgrade Windows versions. For
instance, I helped a man once who had a machine shop / small business. His
CNC mill required windows 98. Replacing the CNC mill would cost over
$50,000, which was not practical; however, keeping the network air-gapped
To unsubscribe from this list go to the following URL and read the