Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Anyone know how to stop c2myazz from obtaining passwords on nt?
- To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
- Subject: Anyone know how to stop c2myazz from obtaining passwords on nt?
- From: Stephen / Wendy Mann <manntiac.net>
- Date: Fri, 21 Aug 1998 09:53:37 -0400
- In-Reply-To: <199808131830.OAA21561mx1.tiac.net>
- Reply-To: manntiac.net
- Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>
c2myazz.exe is available at http://www.nmrc.org/files/nt/c2myazz.zip this is directly out of novells web page at http://www.novell.com/intranetware/ntint/msfud2.html "On Friday, April 25, 1997, a utility was published named C2MYAZZ.EXE. This utility allows anyone with access to a network connection to collect the usernames and passwords of every individual that authenticates to an NT domain on that segment. With this utility, a hacker does not need physical access to the NT server, and does not need to be authenticated to the NT server or domain. A hacker could simply connect a laptop to any network connection and collect every NT server username and password completely unbeknownst. This is a very serious compromise to the NT server security" does anyone know if there is a registry setting or something to that effect to stop nt from sending a clear text password? From the desk of Stephen
- Prev by Date: No Subject
- Next by Date: No Subject
- Prev by thread: Re: Interesting 'feature' in IIS 4.0 SMTP Server component.
- Next by thread: Re: Anyone know how to stop c2myazz from obtaining passwords on n t?