[plug] Samba And Windows

[Kai]

Sorry, I know this is off topic and on the wrong user group =), but, has
anyone got an opinion of Win 98, 2000 and ME?

----- Original Message -----
From: Christian <christian at amnet.net.au>
To: <plug at plug.linux.org.au>
Sent: Thursday, July 20, 2000 5:47 PM
Subject: Re: [plug] Samba And Windows


> On Thu, Jul 20, 2000 at 05:12:27PM +0800, Steve Baker wrote:
>
> > Probably a password encryption problem.  NT/2000 encrypt the passwords,
> > 95/98 do not.  There are some readme's in the samba docs that tell you
all
> > about it, and how to either turn the encryption off (bad) or get samba
to
> > work with them (good).
>
> Wasn't this the Microsoft protocol where a hash of the password became
> the authentication token itself?  In such a case hashing brings almost
> no security whatsoever and you may as well not have "encrypted"
> passwords at all.  (This may not be the same protocol or they may have
> fixed it but I've got a feeling it is.)  BTW, I also think that 95/98
> use some "encryption" scheme too because I remember reading about it
> when I set up a Linux box to do file serving to two 95 machines a couple
> of years ago.  Perhaps 2000 uses a different system or protocol though.
>
> It's also funny how people (not you in particular, people in general)
> like to equate cryptography with security.  "Encryption good,
> non-encryption bad."  At the end of the day cryptography *can* bring
> security but the security of the overall system has more to do with the
> way it's implemented and used rather than the presence or absence of
> cryptography.  Sometimes cryptography can make a badly implemented or
> used system actually less secure.
>
> Regards,
>
> Christian.
>
>