kurtbuffLIGHTMAIL.COM

• Next message: Gene R. Gomez: "Re: NT ACCESS ROLES"
• Previous message: Loschiavo, Dave: "Re: NT encryption"
• In reply to: Glenn Pearl: "Re: NT encryption"
• Next in thread: Alan Ramsbottom: "Re: NT encryption"
• Next in thread: Loschiavo, Dave: "Re: NT encryption"
• Reply: Kurt Buff: "Re: NT encryption"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I slightly misspoke when specifying the versions of NT that were vulnerable.
As you said, SP4 eliminated the vulnerability.

However, I didn't know at all about the add-in for Win9x - That's very good
news.

Also, I hadn't tried any of the other High-ASCII characters, and it's very
good news indeed that they are also usable.

Thanks for the info!

Kurt

-----Original Message-----
From: Focus on Microsoft Mailing List
[mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of Glenn Pearl
Sent: Wednesday, September 20, 2000 09:44
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: NT encryption

I was not aware that there was any limitation on allowable extended-ASCII
characters. I have used passwords that contain characters not in the list
below (for instance, 0212), and have had no problems logging on to any NT or
Win9x box in our network.

Concerning LM on Win9x, you can now use NTLM2 on those boxes by installing
the Directory Services Client from the W2000 CD (Q239869). NT 4.0 has had
NTLM2 support since SP4. Q147706 tells how to configure this.

Hope it helps,
Glenn Pearl
Brooke Staffing Companies
glennpbrooke-staffing.com

• Next message: Gene R. Gomez: "Re: NT ACCESS ROLES"
• Previous message: Loschiavo, Dave: "Re: NT encryption"
• In reply to: Glenn Pearl: "Re: NT encryption"
• Next in thread: Alan Ramsbottom: "Re: NT encryption"
• Next in thread: Loschiavo, Dave: "Re: NT encryption"
• Reply: Kurt Buff: "Re: NT encryption"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]