|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RAS 'save password' problems...
- To: NTBUGTRAQ
LISTSERV.NTBUGTRAQ.COM - Subject: Re: RAS 'save password' problems...
- From: martin Dolphin <mdolphinPOBOX.COM>
- Date: Sun, 22 Mar 1998 13:53:02 -0600
- In-Reply-To: <199803201927.OAA16735growl.pobox.com>
- Reply-To: martin Dolphin <mdolphinPOBOX.COM>
- Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>
I took Steve's post as a proposed work around. Use a script and enter a user/password combo in the terminal window, not in the dial-up dialog boxes. Thus preventing the credentials from 'hitting' the registry. I haven't tried it but from experience I know that certain dial-up servers, such as AT&T Worldnet, and Linux boxes with AutoPPP turned on, this method won't work. These servers switch to PPP immediately after the user name is entered and request chap/pap auth from the PPP client (or atleast that's my perception) . Also how would a user do a term window for a PPTP connection? I agree that another reason that NT stores this data might be that the credentials need to be accessed by a scripting engine. Compuserve users need to use a script, this script would pop up a 'enter password' dialog if the user didn't tell RAS to save the password, so it seems from this limited experience that the script engine refers to the RASCREDENTAIL information and not RASDIALPARAMS. At 02:02 PM 3/20/98 -0500, Russ wrote: > >When scripting is used, its possible to have a script use the userID and >password entered in the GUI dialog. This could account for another >reason why these credentials are stored in a registry key. I don't think >its a good reason, but it may be another reason (have the scripting >engine refer to a registry key rather than pass it the credentials in >memory, since they may or may not be wanted in the scripting engine). > >Thanks to Steve Kastl for making me think twice about this...;-] > >Cheers, >Russ >
- Prev by Date: Administrivia #8980 - Logo results
- Next by Date: IE Object Bug Code...
- Prev by thread: Re: RAS 'save password' problems...
- Next by thread: Frontpage extensions CGI security!
- Index(es):