Re: FW: WinNews Special Issue

[wwcoot () lpdwhy bhp com au (Tim Cook)]

According to my E-mail, Scott Chasin <chasin () CRIMELAB COM> said:
> ----------
> From:   WinNews () microsoft com[SMTP:WinNews () microsoft com]
> Sent:   Saturday, October 21, 1995 10:08 AM
> To:     WinNews () microsoft nwnet com
> Subject:        WinNews Special Issue
>
>            Microsoft(R) WinNews Electronic Newsletter
>                 Special Issue,  October 20, 1995
>
> ***********************************************************
> Here is some important information on Windows 95 that
> may affect some of you.  Please make certain to read it.
>
>
> UPDATED DRIVERS FOR WINDOWS 95 FILE AND PRINTER SHARING
> SECURITY ISSUE - October 20, 1995
>
> Microsoft wants its customers to know that it has
> discovered and fixed a potential security problem with file
> and printer sharing in Windows 95.  Only customers who have
> enabled file and printer sharing - a non-default option -
> may have been at risk, and, to the best of our knowledge,
> no users have been harmed.  Nevertheless, Microsoft
> regards this potential problem with the greatest
> seriousness and, we have worked hard over the past week to
> resolve it.  Microsoft recommends customers using File and
> Printer Sharing upgrade to the newer drivers.
[...]
> Customers whose environments meet all of the conditions
> below, may have their data susceptible to network or
> Internet hackers:
>
>     1. They configure their machine to share files and
>         printers with other users on the network using File
>         and Printer Sharing for Microsoft Networks (This
>         option is not turned on by default)
>
>     2. They share a LAN, Internet, or Dial-Up connection
>         with a UNIX-based computer running Samba's
>         SMBCLIENT software
>
>     3. The network administrator does not disable peer
>         services using System Policies
>
> The Samba SMB client allows its users to send illegal
> networking commands over the network. The Samba client is
> the only known SMB client at this time that does not filter
> out such illegal commands.  SMBCLIENT users do not
> automatically have access to the Windows 95 drive, and
> must know the exact steps to send these illegal commands.
>
> The updated driver prevents these illegal commands from
> being executed, preventing SMBCLIENT users from accessing
> the drive on which sharing is enabled.  With the updated
> driver, the SMBCLIENT user will only have access to those
> shared folders that the Windows 95 user has designated.

As mentioned in the Samba mailing list, I hope other BUGTRAQ
subscribers can recognise that "The Samba SMB client allows its users
to send illegal networking commands over the network" is an
interesting spin on reality.

If smbclient is able to subvert SMB file security, I would have
thought that would be due a shortcoming in the SMB protocol, or how
the Windows 95 SMB driver behaves (or something similar), rather than
because of "illegal networking commands" coming from smbclient.
Perhaps it is my grasp of reality that is lacking...

It is a shame smbclient was not developed by IBM or some such entity,
as we might all get to watch an interesting defamation suit.

"According to Enderle, [Dataquest's senior industry analyst,
client/server software], [Microsoft] spent only $US120 million on
developing Windows 95, while it spent $300 million on marketing the
product." - Computerworld, 13th October 1995.

Perhaps this explains Microsoft's approach to security bulletins...

--
Tim Cook, Unix Systems Administrator, BHP Information Technology
Address:        PO Box 21, Whyalla, Australia 5600
Phone:          +61 86 404596   Fax: +61 86 404760
--
This message in no way represents the opinion of BHP IT or BHP.