[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unix auth via LDAP & now need to add Samba!

To: "Mark H. Wood" <mwood@IUPUI.Edu>
Subject: Re: Unix auth via LDAP & now need to add Samba!
From: David Wright <ichbin@shadlen.org>
Date: Wed, 1 May 2002 13:50:20 -0700 (PDT)
Cc: OpenLDAP Mailling List <openldap-software@OpenLDAP.org>
In-reply-to: <Pine.LNX.4.33.0205011511490.1034-100000@mhw.ULib.IUPUI.Edu>

> HPC nor HPS ever appears on the wire, so where did the attacker get it?
> He can't calculate it unless he knows the password.

He got it off the server's password file. This is the whole point of
storing hased passwords! Even if someone can read your password file (e.g.
/etc/passwd or /etc/shadow in unix), he can't use that knowledge to log
into your servers.

Scorce for defense in depth -- Microsoft: 0, Unix: 1.

Follow-Ups:
- RE: Unix auth via LDAP & now need to add Samba!
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- Re: Unix auth via LDAP & now need to add Samba!
  - From: "Mark H. Wood" <mwood@IUPUI.Edu>

Prev by Date: [OT] Re: Unix auth via LDAP & now need to add Samba!
Next by Date: RE: Unix auth via LDAP & now need to add Samba!
Index(es):
- Chronological
- Thread