Bugtraq mailing list archives
NT security et al
From: hobbit () avian org (*Hobbit*)
Date: Wed, 25 Sep 1996 13:06:57 -0400
I've been screwing around some with netbios in general, and being more or less horrified [but not surprised, this is microsnot after all]. I've learned that one hack you can do in the absence of any other overall defenses is to use a non-null SCOPE ID. They don't recommend it but that's probably just because of the potential administrative headaches in manually changing the scope on every machine in a facility. The scope ID would be sort of a "global password" to your netbios service, sort of the same way as YP domains, so it needs to be nonobvious and kept within your walls. Better than nothing, though... Unfortunately the right place to set it seems to be buried under obscure and ill-named menu items that vary from platform, so you'll have to hunt around. _H*
Current thread:
- Vunerability in HP sysdiag ? John W. Jacobi (Sep 21)
- Re: Vunerability in HP sysdiag ? Shaun Lowry (Sep 25)
- Re: Vunerability in HP sysdiag ? Aggelos P. Varvitsiotis (Sep 25)
- Re: Vunerability in HP sysdiag ? Tobias Richter (Sep 25)
- NT 4.0 default permissions Dan Shearer (Sep 25)
- HP-UX SAM hole... John W. Jacobi (Sep 25)
- NT security et al *Hobbit* (Sep 25)