Bugtraq mailing list archives

Re: LM hashes in a hot-desking environment

From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Sat, 27 May 2006 12:31:46 +0200

On 2006-05-25 feedb4ck () z4ck org wrote:

Although it is a well known fact that Windows desktops and servers
still use LM Hashes and cache the last ten userids and passwords
locally, just in-case an Active Directory, Domain, or NDS tree are not
available, has anyone thought about the consequences of this issue in
a hot-desking, or flexible working environment?


That's why you use policies to disable use of LM hashes and caching of
passwords in environments like that.

Regards
Ansgar Wiechers
-- 
"Der Computer ist da, um zu rechnen, nicht um Ausreden wie 'Kann nicht
durch Null teilen' auf den Bildschirm zu schreiben."
--Marco Haschka in de.org.ccc

Current thread:

LM hashes in a hot-desking environment feedb4ck (May 26)
- Re: LM hashes in a hot-desking environment 3APA3A (May 27)
- Re: LM hashes in a hot-desking environment Ansgar -59cobalt- Wiechers (May 27)
  - Re: LM hashes in a hot-desking environment The Little Prince (May 29)
- RE: LM hashes in a hot-desking environment Roger A. Grimes (May 27)