
Linux banned after Samba misconfiguration blocks NT authentication



Interesting note regarding problems between Linux and NT.

Jamie


RISKS-LIST: Risks-Forum Digest  Friday 1 October 1999  Volume 20 : Issue 61


----------------------------

Date: Fri, 01 Oct 1999 00:04:09 -0500
From: "B. W. Fitzpatrick" <fitz@red-bean.com>
Subject: Linux banned after Samba misconfiguration blocks NT authentication

I received this from a friend who works at A Very Large Corporation
and has requested that both he and the company remain anonymous. From
what I can tell, someone at said company was fiddling with a Linux box
and configured it to be the Primary Domain Controller (instead of
authenticating off of the Primary Domain Controller). Well, this hosed
all NT domain authentication in the company and prevented anyone from
authenticating until the offending PDC was removed from the
network. The end result? The company is banning Linux.

Now, this *exact* same thing happened to a friend of mine at another
company, but it was quickly fixed, identified, and Linux is still in
use there today. Same problem, different result. 

While I'm not by any means an NT guru, this seems to be a HUGE
vulnerability in the NT Domain Authentication mechanism--if I ran a
network where anyone can plug into my network and stop all
authentication this easily, I would be scared out of my wits.

Here's the body of the e-mail. I for one would like to send the author a
copy of "On Writing Well." The names have been changed to protect the
ignorant:

  We have encountered an incident with the Linux desktop operating
  system.  A Linux box named <foobar> had assumed control of our domain
  yesterday and temporarily paralyzed our network.  The box has been
  identified and shut down.  Affective[sic] immediately, all use of
  Linux systems within the <company name> domain will be discontinued
  until further notice.

  We will need to justify Linux opportunities within <company name>
  followed by a thorough evaluation of the ramifications of deploying
  this new technology.  Along with the identification of security risks,
  policy must also be established to properly administer Linux within
  our environment.

  All cooperation with this notice is required and appreciated.  We will
  define a focus group to address this challenge.  If anyone wishes to
  be part of this study, please feel free to let me know.  I'll keep you
  all apprised of our status.

The RISK? Attacking the symptoms and not the problem doesn't really
solve anything. 

Brian W. Fitzpatrick, Project Manager/Lead Programmer
-- 
--------------------
James Love, Consumer Project on Technology
love@cptech.org, http://www.cptech.org
P.O. Box 19367, Washington, DC 20036
v. 202.387.8030, f. 202.234.5176
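
Added example, not part of the original message or of the Samba project: a small audit of an smb.conf [global] section for the settings that make a Samba host claim domain-controller roles instead of authenticating against the existing PDC, which is the misconfiguration the message describes. The two sample configurations are constructed, and the function names are hypothetical.

```python
import re

TRUE = {"yes", "true", "1", "on"}

def parse_global(text):
    """Return {param: value} for [global]; Samba ignores case and spaces in names."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[re.sub(r"\s+", "", key).lower()] = value.strip().lower()
    return params

def audit(text):
    """List settings that would make this host contend with the real PDC."""
    p, findings = parse_global(text), []
    if p.get("domainlogons") in TRUE:
        findings.append("domain logons = yes: host acts as an NT logon server")
    if p.get("domainmaster") in TRUE:
        findings.append("domain master = yes: host claims the domain master browser name")
    if p.get("preferredmaster") in TRUE:
        findings.append("preferred master = yes: host forces a browser election at startup")
    if findings and p.get("security") != "domain":
        findings.append("security is not 'domain': host is not configured as a domain member")
    return findings

# Constructed sample configurations (not taken from the incident above).
MISCONFIGURED = """
[global]
   workgroup = EXAMPLEDOM
   security = user
   domain logons = yes
   Domain Master = yes
   preferred master = yes
"""
MEMBER = """
[global]
   security = domain
   domain master = no
"""
if __name__ == "__main__":
    for name, conf in (("misconfigured", MISCONFIGURED), ("member", MEMBER)):
        print(name, audit(conf) or "no domain-controller settings found")
```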