Hosting Provided By

Re: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618

From: Anders Reed Mohn <anders_rm(at)utepils.com>
Date: Fri Jun 20 2003 - 04:51:07 EDT

Original Message ----- From: "Damon McMahon" <inst_karma@hotmail.com> To: <deppdm@ornl.gov>

> Running windump on a Windows 2000 client and tcpdump on a MacOSX 10.1
client
> shows the login: and password: transmitted in clear text to a Windows XP

This doesn't answer your question directly, but Microsoft stated in security bulletin
00-67:

"Windows 2000 includes a telnet client capable of using NTLM authentication when connecting to a remote NTLM enabled telnet server. A vulnerability exists because the client will, by default, perform NTLM authentication when connecting to the remote telnet server. "

Thus, NTLM seems to have been the default choice originally. I guess the patch from that security bulletin might have changed the default setting?

Cheers,
Anders :)

Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare.

Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance.

Visit us at: http://www.neoteris.com/promos/sf-6-9.htm

Received on Fri Jun 20 12:25:15 2003

Do you need help?

This message: [ Message body ]
Next message: Burton M. Strauss III: "RE: network segment range which NIDS can detect?"
Previous message: Jim: "RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?"
In reply to: Damon McMahon: "Re: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618"
In reply to dave(at)netmedic.net: "RE: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:04:58 EDT