>NT boxes can often be tricked or forced into authenticating with weak
>encryption or even in the clear.
Not with the latest updates I think. However, if you really want to expose
your network, run a password-protected webserver using the same NT SAM used
on the LAN for authentication :-).
If you're going to be using the LAN's NT SAM for authentication, I'd suggest
setting the Account Policy to disable the account after three incorrect
password attempts, and re-enable it after a few minutes.
Brian Steele
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
