[TOOL] SMB Auditing Tool (NetBIOS)

From: support@securiteam.com
Date: 11/13/01 

From: support@securiteam.com
To: list@securiteam.com
Subject: [TOOL] SMB Auditing Tool (NetBIOS)
Message-Id: <20011113180644.4A675138BF@mail.der-keiler.de>
Date: Tue, 13 Nov 2001 19:06:44 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  SMB Auditing Tool (NetBIOS)
------------------------------------------------------------------------

DETAILS

The SMB Auditing Tool is a password-auditing tool for the Windows and the
SMB platform. It makes it possible to exploit the timeout architecture bug
in Windows 2000/XP, making it extremely fast in guessing passwords on
these platforms. Running a large password file against Windows 2000/XP
shows statistics up to 1200 logins/sec. This means that you could run a
commonly used English dictionary with 53,000 words against a server under
a minute. Supports SMB over NetBIOS and native SMB over TCP port 445.
Compiles on Linux, BSD, and Cygwin.

ADDITIONAL INFORMATION

The tool can be downloaded from:
 <http://packetstorm.decepticons.org/Crackers/smbbf-0.9.1.tar.gz>
http://packetstorm.decepticons.org/Crackers/smbbf-0.9.1.tar.gz

The information has been provided by
<mailto:patrik.karlsson@ixsecurity.com> Patrik Karlsson.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.