[wpkg-users] security issues [SEC=UNCLASSIFIED]
Michael Chinn
m.chinn at gbrmpa.gov.au
Tue Jun 12 02:17:29 CEST 2007
We run 250 machines in a workgroup environment with Samba 2.2.8 (don't
ask) and user level security. When we went to set up wpkg we found that
we needed a Samba 3 server with user level access. At this point the
wpkg user credentials were passed correctly between machines when
connections were attempted using (as far as I can tell) NTLMv2. Of
course the user/pass must exist on both machines, but you don't need
guest access.
client NTLMv2 auth = Yes
--
Michael Chinn
User Support Officer - Information Technology
Great Barrier Reef Marine Park Authority
PO Box 1379
TOWNSVILLE, QLD 4810
Ph 07 47500874 Fax 07 4772 6093
michaelc at gbrmpa.gov.au
Marco Gaiarin wrote, On 11/06/2007 17:27:
> Hello! Florian Klaempfl
> On that day it was said...
>
>
>> Is this a real issue? Having the ability to connect a machine with admin
>> access to the network (this is required to setup a fake server) offers a
>> lot of other possible DoS attacks (formatting a hard disk of a client PC
>> is no more than a DoS attack to this machine).
>>
>
> I'm exactly thinking about this.
>
> On an 'old domain' (NT4, Samba, W2k in compatibility mode) there's still
> a 'machine account' that has to be set up, and the machine account
> has to be initialized with an administrator password (e.g., someone in
> the Domain Admins group).
>
> But if I've got an account in Domain Admins, nothing in the Windows LAN
> is secure. At this point, using WPKG or not using WPKG is only a
> choice of the attacker, who has *FULL* control of the LAN...
> I'm not aware of the existence of attacks on the 'machine account' of
> NT4/Samba.
>
>
> The question, for me, is another: is the 'workgroup' a supported
> environment for WPKG?
> If yes, some sort of 'authentication' has to be implemented, or at
> least state that a 'share level' password on the share is a minimum
> requirement.
>
>