> (as I've mentioned before, MS has known about this hole since before SP2)
> Cheers

... as have the rest of us. I would not call NTLMSSP's behavior a "hole." It's just doing its job. Properly configured firewalls block 139/445 at the interface where packets are routed to public/untrusted networks.

You have brought this up a couple of times here, but I'm not really sure what you are on about. This is expected, by-design behavior. While I can conceptualize a configuration where each workstation has a table of addresses from which to identify possible hosts to authenticate to (an NTLM LAT if you will), I prefer to save the cycles and have this addressed where it belongs - at the border (or as close to home as necessary).

People constantly bash Microsoft for not having a "real" operating system, yet demand to have each potential security issue addressed in the OS itself - something that would take control further and further away from the admin.

That is the skinny on that.

---------------------------------
Attonbitus Deus
Thorat_private
This archive was generated by hypermail 2b30 : Sun Aug 19 2001 - 20:24:36 PDT