search for: zerologin

Mandi! Andrew Bartlett via samba In chel di` si favelave... > If you don't have any trusted domains then the big thing is an attacker > being able to remove a member server from the domain, or get session > keys (assisting a takeover 'MITM attack' of an existing session). So, effectively, on NT domain the attack surface of the bug is reduced? If i've understood well

The following applies to Samba used as domain controller only. (Both as classic/NT4-style and active direcory DC.) Samba users have reported that the exploit for "ZeroLogin" passes against Samba. Samba has some protection for this issue because since Samba 4.8 we have set a default of 'server schannel = yes'. Users who have changed this default are hereby warned that Samba implements the AES netlogon protocol faithfully and so falls to the same...

The following applies to Samba used as domain controller only. (Both as classic/NT4-style and active direcory DC.) Samba users have reported that the exploit for "ZeroLogin" passes against Samba. Samba has some protection for this issue because since Samba 4.8 we have set a default of 'server schannel = yes'. Users who have changed this default are hereby warned that Samba implements the AES netlogon protocol faithfully and so falls to the same...

On Fri, 2020-09-18 at 15:39 +0200, Marco Gaiarin via samba wrote: > Mandi! Karolin Seeger via samba > In chel di` si favelave... > > > (Both as classic/NT4-style and active direcory DC.) > > I've searched some info on impact of this bug on NT domains, finding > nothing on the net. > > OK, NT domain are dead, i know, but... i seek some feedback. > On real