[3392] in bugtraq
NT security et al
daemon@ATHENA.MIT.EDU (*Hobbit*)
Wed Sep 25 17:08:41 1996
Date: Wed, 25 Sep 1996 13:06:57 -0400
Reply-To: *Hobbit* <hobbit@avian.org>
From: *Hobbit* <hobbit@avian.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
I've been screwing around some with netbios in general, and being more or
less horrified [but not surprised, this is microsnot after all]. I've
learned that one hack you can do in the absence of any other overall
defenses is to use a non-null SCOPE ID. They don't recommend it but that's
probably just because of the potential administrative headaches in manually
changing the scope on every machine in a facility.
The scope ID would be sort of a "global password" to your netbios service,
sort of the same way as YP domains, so it needs to be nonobvious and kept
within your walls. Better than nothing, though... Unfortunately the right
place to set it seems to be buried under obscure and ill-named menu items
that vary from platform, so you'll have to hunt around.
_H*
