JG> On 05-20-97, CHRIS HOLTEN said to DALE ROSS:
CH>It did break Samba though. I think that may of been done on purpose. My
 JG> Not broken - the difference is that SP3 uses encrypted 
 JG> passwords by default.
 JG> There's a registry entry documented in the SP3 README 
 JG> from the web site that
Yeah, I read that in a newsgroup. I never realized that the default had been 
un-encryted. A good Idea to encrypt it. There are hacker utilities that will 
grab un-encrypted passwords from a network. That evidently is how the kids 
got a bunch of passwords and usernames from the local high school's NT 
server. That kind of software is evidently readily available on the internet. 
I believe that same utility is probably why MS decided to make SP3 default to 
encrypted. Don't know what they are going to do next year when someone hacks 
the encrypted passwords and puts that on a warez internet site.
Then there was the kid that wrote a program to get 250,000 credit card 
numbers from an internet site that takes credit cards. It's those kind of 
things that might make Bill Gates re-think putting up his 840 sattelites. I 
know I sure am going to be a long time coming in using the internet for 
anykind of "business". My main goal now is just to become anonymous enough 
for the damn spam sites to leave me off thier junk mail lists.
--- Maximus/NT 3.01b1
---------------