Win95/98 Shares Remain Vulnerable

Windows 95 and 98 Shares Remain a Target
Reported August 19, 1998 by Mark Joseph Edwards


  • All Non-NT Windows Platforms


Rhino9 released an updated version of their Legion program, which automates the locating and connecting of Windows-based shares. The software depends on the user NOT protecting their shares with passwords BEFORE connecting to the Internet. The software also has a brute-force password cracking plug-in that can be used to find passwords for shares that are protected


Download Legion (2MB) from this site now.


ALWAYS password protect your Windows-based shares - AND - if you"re on an NT network, highly consider enabling User--Level protection. User-Level protection causes share connections to be authenticated by the NT Server instead of a simple user-defined password.

If you must use share-level protection (simple per-share passwords), then definitely employ complex and long passwords that include a wide variety of characters, such as a mixture of "[email protected]#$%^&*()_+=-\[\]\}\{\\":";?><,./", numbers, and up/lower case letters. While passwords ARE in fact crackable by brute force over time, creating complex passwords helps to make brute force cracking attempts long and painful, and usually not worth the effort to the potential intruder.

To learn more about NT Security concerns, subscribe to NTSD

- Originally reported by Mark Joseph Edwards
- Posted on The NT Shop on August 19, 1998
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.