I was doing some research for an article on firewalls a while back, and I came across an invitation to yet another trade show/conference. This one claimed to "focus on the vital security issues facing organizations with large enterprise networks and mixed network operating systems".
Among the topics were denial-of-service attacks, secure programming techniques and tool selection for creating and effectively monitoring secure networks.
So far, it didn't look like much. Then I read over the list of presenters. Right up there with Yobie Benjamin (chief knowledge officer at Cambridge Management Labs) and Ira Winkler (National Computer Security Association) were Mudge, Route, Kore, Qmaster, Sluggo and Hobbit -- hackers and phreaks, every one! What is the world coming to?
Over the past year, security attacks against Windows NT systems have increased exponentially. Each new security breach was followed within a few days by a fix or workaround from Microsoft.
Many of you probably dismissed most of the attacks because they required physical access to the NT server or the administrator's password. It's a truism that all security begins with physical security. If the bad guys can get to the keyboard or disk drive, then no matter what you do in terms of software security, you're as vulnerable as a bank that leaves its safe unlocked at night.
The most recent tool for attacking NT is L0phtCrack 1.5. It uses a combination of brute force (for example, guessing passwords) and a dictionary attack (trying 28,000 frequently used words) and purports to be able to return clear-text passwords on a typical NT network. A 100-user password file was cracked in less than a minute (details available at www.l0pht.com/advisories/l0phtcrack15.txt -- note that L0pht is spelled L-ZERO-P-H-T).
Searching the Microsoft security site (www.microsoft.com/security/) showed no response to this latest attack.
Other password attacks have usually resulted in a Microsoft response within a few days. But the hackers don't care because, according to Mudge, they can bypass any Microsoft fix by exploiting a fundamental problem that Microsoft faces: the need to maintain backward-compatibility to the legacy LAN Manager system with its extremely weak password structure, which breaks a chosen password into two seven-character pieces.
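An audit sketch for the weakness described above, added here as an example and not taken from the original column or from L0phtCrack: because each seven-character piece is hashed on its own, a password of seven characters or fewer leaves a fixed, recognizable value in the second half of the stored LAN Manager hash, so an administrator can list the accounts that still carry LM hashes without cracking anything. It assumes a pwdump-style export (user:rid:lm:nt:::); the sample lines, hash values and function names are constructed for illustration.

```python
# Added example: audit a pwdump-style export for stored LAN Manager hashes.
# LM value of a 7-byte piece that is entirely padding (no password characters).
EMPTY_LM_HALF = "aad3b435b51404ee"

# Constructed sample export; every hash value below is made up.
SAMPLE = """\
alice:1001:1111111111111111aad3b435b51404ee:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:::
bob:1002:22222222222222223333333333333333:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:cccccccccccccccccccccccccccccccc:::
dave:1004:NO PASSWORD*********************:dddddddddddddddddddddddddddddddd:::
broken line without fields
"""

def classify(lm_field):
    """Classify one LM field by what its two independent halves reveal."""
    lm = lm_field.strip().lower()
    if len(lm) != 32 or any(c not in "0123456789abcdef" for c in lm):
        return "no-lm-hash"            # field holds no hash at all
    first, second = lm[:16], lm[16:]   # one half per seven-character piece
    if first == EMPTY_LM_HALF and second == EMPTY_LM_HALF:
        return "lm-blank"              # empty password or LM storage disabled
    if second == EMPTY_LM_HALF:
        return "lm-short"              # password is seven characters or fewer
    return "lm-stored"                 # both pieces present, still LM-hashed

def audit(export_text):
    """Map each account name in the export to its LM exposure class."""
    report = {}
    for line in export_text.splitlines():
        parts = line.split(":")
        if len(parts) < 4:             # skip malformed lines
            continue
        report[parts[0]] = classify(parts[2])
    return report

if __name__ == "__main__":
    for user, status in audit(SAMPLE).items():
        print(f"{user:8} {status}")
```

Accounts reported as lm-short or lm-stored are the ones whose passwords remain exposed through the legacy format and are the first candidates for remediation.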
As long as Microsoft feels the need to support backward-compatibility with security-weak systems, there's little hope of creating a secure network environment. At this time, Microsoft intends to retain this backward-compatibility in NT 5.0's Active Directory system. Just one more reason to hope Novell releases Novell Directory Services for Windows NT very soon.