Web lists-archives.com

Re: [Samba] how safe is "net use" in a batch file? plus some encryption questions




On Sat, 11 Nov 2017 13:32:31 -0600
Andrew Walker <walker.aj325@xxxxxxxxx> wrote:

> I thought "net use" will use ntlm for auth (no clear-text passwords
> passing over the wire). At least that's what I see in wireshark on
> modern windows.
> 

If you use NTLMv1, you might as well use plain passwords. Given the
NTLMv1 password, it would take your average badhat about half an hour
to have the plain password.

> 
> Unless your XP systems are air-gapped, it is that bad ;-)
> 
> I know that in some cases it's impractical to upgrade Windows
> versions. For instance, I helped a man once who had a machine shop /
> small business. His CNC mill required windows 98. Replacing the CNC
> mill would cost over $50,000, which was not practical; however,
> keeping the network air-gapped was practical.

There are cases when using an old OS version is valid, but they are few
and far between, the case above is one of them. In Stefan's case, I am
sure that an upgrade path can be found, it may prove to be cheaper in
the long run ;-)

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba