Sign in / up

back to article Windows passwords leak tip

Microsoft has published some guidelines for firewalling off traffic that could leak username and password information from corporate networks. As we reminded everyone last month, it is possible to trick Internet Explorer, Edge, Outlook and other Redmond software into coughing up your Windows computer's login name and an NTLM …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Destroy All Monsters Silver badge

    Assumptions have been made and statements were issued.

    "Malicious users can use the Server Message Block (SMB) protocol for malicious purposes. Firewall best practices and firewall configurations can enhance network security by helping to prevent potentially malicious traffic from crossing the enterprise perimeter"

    After hours and hours of doing logical analysis of these amazing sentences, I have found that they all reduce to "TRUE". My paper will be in the next issues of "Letters in Microsoftian Logic and Content-Freedom".

    3 0 Reply
    1. Dan 55 Silver badge
      Reply Icon

      Re: Assumptions have been made and statements were issued.

      "Our noddy OS spaffs credentials to all and sundry" seems to be the missing sentence in the middle. (TRUE.)

      2 0 Reply
    2. Czrly
      Reply Icon

      Re: Assumptions have been made and statements were issued.

      Passwords are content. Set them free!

      (Seriously, are there still people in this world who use their Windows login password for anything other than Windows logging in? That's like using your Internet Banking password for a free porn site.)

      1 0 Reply
  2. MrDamage Silver badge

    what do tictactoe, thermonucleur war and microsoft have in common?

    The only way to win, is not to play.

    4 0 Reply
  3. Ottman001
    Facepalm

    "Microsoft's solution to this is to firewall off outgoing traffic to SMB-related ports 137, 138, 139 and 445."

    So what's Microsoft advice for what to do if any of your users take their laptops home to work?

    3 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      As well as applying this rule to the company firewalls protecting the network, I would probably push it out to Windows Firewall on each laptop/desktop using GPO too.

      2 1 Reply
  4. simmondp

    Advice from the 1990's

    So, let's all assume a 1990's architecture where only corporates have networks and only use desktop computers with a hard perimeter!

    Let's ignore that fact that since 2003 the Jericho Forum have highlighted the issues of the de-perimeterised network. Microsoft would do well to actually read the Jericho Forum commandments! https://www.opengroup.org/jericho/commandments_v1.2.pdf

    2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon