samba - Mar 1998 - Invalid password length 18255 (fwd)

has anyone else had similar problems to this?  please reply to
samba-technical and samba-ntdom.  also please remember that i am not on
the samba@samba.anu.edu.au list.

<a href="mailto:lkcl@samba.anu.edu.au" > Luke Kenneth Casson
Leighton  </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba and Network
Development </a>
<a href="http://www.samba.co.uk"       > Samba and Network
Consultancy </a>

---------- Forwarded message ----------
Date: Sat, 21 Mar 1998 11:56:59 +1100
From: Craig Kelley <ink@inconnu.isu.edu>
To: Multiple recipients of list <samba-ntdom@samba.anu.edu.au>
Subject: Invalid password length 18255

I've setup ntdomain passwords with samba before and it worked fine; today
(March 20) I set it up again on a RedHat 4.2 box and I keep getting this
message in the samba logs when I conencect (after it chooses [NT LM 0.12] 
as the protocol):

[000] 00 00 52 58 4E 45 54 00  57 69 6E 64 6F 77 73 20  ..RXNET. Windows
[010] 4E 54 20 31 33 38 31 00  00 57 69 6E 64 6F 77 73  NT 1381. .Windows
[020] 20 4E 54 20 34 2E 30 00  00                        NT 4.0. .
switch message SMBsesssetupX (pid 17232)
03/20/1998 17:51:39: ERROR: Invalid password length 18255
your machine may be under attack by a user exploiting an old bug
Attack was from IP=134.50.8.81
Closing connections                                                            

The machine used to belong to the "RXNET" domain (NTServer) and I was
attempting to switch it over to my samba domain, but the server is mis-
interpreting the above message.  (this was generated from attempting to
browse the samba domain).  The Windows message is "An unexpected network
error occured".

---

When I attempt to change over to the new domain (INKD), it gets a bit
further (again, this snip is after the security is set to [NT LM 0.12]):

smb_bcc=5
[000] 49 4E 4B 44 00                                    INKD.
write_socket(5,78)
write_socket(5,78) wrote 78
got smb length of 133
got message type 0x0 of len 0x85
03/20/1998 17:56:22 Transaction 2 of length 137
size=133
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=3
smb_tid=0
smb_pid=51966
smb_uid=0
smb_mid=0                                                                      
smt_wct=13
smb_vwv[0]=117 (0x75)
smb_vwv[1]=102 (0x66)
smb_vwv[2]=61440 (0xF000)
smb_vwv[3]=50 (0x32)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=17253 (0x4365)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=1 (0x1)
smb_vwv[8]=18255 (0x474F)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=212 (0xD4)
smb_vwv[12]=0 (0x0)
smb_bcc=41
[000] 00 00 52 58 4E 45 54 00  57 69 6E 64 6F 77 73 20  ..RXNET. Windows
[010] 4E 54 20 31 33 38 31 00  00 57 69 6E 64 6F 77 73  NT 1381. .Windows
[020] 20 4E 54 20 34 2E 30 00  00                        NT 4.0. .
switch message SMBsesssetupX (pid 17253)
03/20/1998 17:56:22: ERROR: Invalid password length 18255
your machine may be under attack by a user exploiting an old bug
Attack was from IP=134.50.8.81                                                 

I am using arcfour.o from the ssh distribution, which is the only thing
I've done differently since the last time I setup samba PDC.

Thanks,

      Craig

Wheel is turning, but the hamster is dead.
Craig Kelley  -- kellcrai@isu.edu
http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block