Email Address Password
Remember Me

Or Create a (Free) Account.
2004JanFebMarAprMayJunJul Aug Sep Oct Nov Dec
2005 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
2006 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Oct Oct
2007JanFebMarAprMayJunJulAugSepOctNovDec2007
2008JanFebMarAprMayJunJulAugSepOctNovDec2008
2009JanFebMarAprMayJunJulAugSepOctNovDec2009
2010JanFebMarAprMayJunJulAugSepOctNovDec2010
2011JanFebMarAprMayJunJulAugSepOctNovDec2011
2012JanFebMarAprMayJunJulAugSepOctNovDec2012
2013JanFebMarAprMayJunJulAugSepOctNovDec2013
2014JanFebMarAprMayJunJulAugSepOctNovDec2014

Mon 10th Sep 01:02 2007: Rainbow Hashes

http://www.codinghorror.com/blog/archives/000949.html : Rainbow Hash Cracking

Scary things, Rainbow Hashes; it's why the UNIX world came up with the Salting idea decades ago. Unfortunately, MS's LAN Manager team hadn't heard of that idea, and inertia being what it is, seems to suggest that Windows Server 2003 still accepts that authentication:

Unfortunately, Windows servers are particularly vulnerable to rainbow table attack, due to unforgivably weak legacy Lan Manager hashes. I'm stunned that the legacy Lan Manager support "feature" is still enabled by default in Windows Server 2003. It's highly advisable that you disable Lan Manager hashes, particularly on Windows servers which happen to store domain credentials for every single user. It'd be an awful shame to inconvenience all your Windows 98 users, but I think the increase in security is worth it.

I'd say that putting Windows98 users to any level of inconvenience would be worth it.


Comments for 'Rainbow Hashes'

You could post a comment if you were logged in.

You are logged in as 0

create an account

Steve's urandom blog
Share on Twitter Share on Facebook Share on LinkedIn Share on Identi.ca Share on StumbleUpon
My Shell Scripting Book:
    Shell Scripting, Expert Recipes for Linux, Bash and more
is available online and from all good booksellers:


DefectiveByDesign.org