Okay, just a few pointers. 1. On Win95 - If one does not have access to a user "account" on the local machine one can either cancel the login or just login with a new username and password. Win9x was made for the home environment and has separate accounts only to give prefs and desktops for separate people as they would each like it. 2. On a peer to peer network with Win9x involved one can access "shared" resources freely at this point if they have no additional controls enabled - typical in a closed computing environment (not good, but typical.) 3. On a peer to peer with NT4 WS involved the NTFS drives have more security options available, though not necessarily actuated. 4. On a peer to peer with NT4 Server involved as an available stand-alone server the server protects only its own resources. 5. If NT4 server network is setup as a Domain there is a Primary Domain Controller (PDC) and zero or more Backup Domain Controllers (BDCs). These handle authentication to the Domain and security within the Domain is controlled however it is setup - well or poorly. 6. With Win2K there are 1 or more Domain Controllers involved with no PDC/BDC differentiation involved. 7. IF (Big IF) security is setup with any thought to security, there with be a Domain involved, with NTFS in use on the servers and all data residing on the servers (thus the designed-for-home-user Win9x will not be "protecting" anything) and well formed passwords will be enforced (thus minimizing the abilities of such toys as lophtcrack). I hope that this helps with the theoretical musings. And, of course, this was purely educational and only a top level view at that. Paul H. Merrill, Master CNE, MCSE+I [EMAIL PROTECTED] wrote: > > Okay... > > Remember, this is THEORY only... The forthcoming messages from my email > address ([EMAIL PROTECTED]) constitute educational comments only. > Everything discussed in the forthcoming emails is for educational and > theoretical purposes only. No information I present may be used against > me. No information I present may be used in an illegal fashion. > ----- > > First off, is this Microsoft Network run by an NT server.. in other words, > is there a master NT server on the network? > If not, there is a well known bug in windows 9x. If a user does not have > an account on a windows 9x machine, they can usually hit CANCEL at the > login prompt, and they will be presented with a desktop. On purely > Windows 9x networks, the user will still have network access. This > doesn't work if there is an NT machine acting as a network server. > Theoretically, one could have access on the network, provided one knew the > passwords to the shared drives, if one were to press CANCEL at the login > prompt. > > -Me > > On Thu, 15 Jun 2000, Angela wrote: > > > My experience of hacking at the moment is limited to simple brute force, > > password guessing (with which I had a lot of sucsess). > > But I want to hack a Microsoft Windows 95 Network. > > And I really need your help. > > > > P.S. Do I have to get past the PWL file? How? > > And what will happen if I just delete the file? > > > > Iceangel. > >
