[Wolves] OT: Windows is 25

Stephen Welch stephenw at invictustechnology.co.uk
Sat Nov 29 08:57:09 UTC 2008


Hi all,

2008/11/29 Kris Douglas <webbox.uk at gmail.com>:
<snip>

> It always makes me wonder how much code they recycle. I bet there's
> still some code in their operating system that is borrowed from old
> versions.

As an example the LM hash, originally invented for use in LAN Manager
over 22 years ago is still used as the default athentication hash for
passwords less than 15 characters in length for win2k3!!

You can crack it it in seconds using software like Cain, rainbow crack, et al.

It is not required if you do not have any 95/98 clients on the domain
-  WHY DONT THEY TURN IT OFF BY DEFAULT -eh??

You can turn it off via group policy and force the NTLMv2 or Kerberos
authentication depending on you domain setup and the services you have
running on that domain.

I imagine there are some good bits and bad bits.

Stephen



More information about the Wolves mailing list