Re: NT password encryption & name service

Wed, 20 Dec 2000 11:58:35 -0800 

What kind of tool did you use to run it?

TIA

Guzheng


>From: "Lance Ecklesdafer" <[EMAIL PROTECTED]>
>To: "Carl Ma" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
>Subject: Re: NT password encryption & name service
>Date: Wed, 20 Dec 2000 13:06:43 -0500
>
>Precisely why you should run Windows 2000 networks in native mode and use
>Kerberos V5 as the preferred authentication method. The mixed mode 
>operation
>of this DC (In Windows 2000 there is no PDC or BDC .. all controllers are
>equal peers). You cannot run a Windows 2000 domain in native mode untill 
>ALL
>domain controllers are converted to Windows 2000. The clients will all have
>to be able to do Kerberos authentication as well. The Windows 2000
>Professional Workstation software uses Kerberos V5 in a Wndows 2000 native
>mode domain. As long as you are running Windows NT 4.0 servers as domian
>controllers on Windows 2000 domains, you have to run in mixed mode. The
>mixed mode operation of Windows 2000 domain has the same security weakness
>of the NTLM authentication method.  If this were native mode Windows 2000
>( I am assuming that it is not) the cracking attempt would have been much
>less successful.
>
>Lance
>----- Original Message -----
>From: "Carl Ma" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Wednesday, December 20, 2000 12:00 PM
>Subject: NT password encryption & name service
>
>
> > Hello all,
> >
> > After running password cracking program on our W2000 PDC server, 98%
>passwords
> > are cracked out, even some very complicate passwords like - X1#!h0a_.
> >
> > Is it attribute to the W2000 encryption method? I would like to persuade
>my boss
> > using LDAP as name service. Appreciate any information & idea! I will
>summarize.
> >
> > Thanks & Merry Christmas!
> >
> > carl
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to