passwords. This problem will persist until the cache is flushed. David LeBlanc points out that Microsofts FTP, HTTP,and Gopher service also suffer from the same problem. The problem does not affect NT logins themselves. To correct the problem, you must edit the following registry keys: HKLM\System\CurrentControlSet\Services\MsExchangeIs\ParametersNetIf\Credentials Cache Age Limit (Default = 120 minutes) HKLM\System\CurrentControlSet\Services\MsExchangeIs\ParametersNetIf\Credentials Cache Idle Limit (Default = 15 minutes) HKLM\System\CurrentControlSet\Services\MsExchangeIs\ParametersNetIf\Credentials Cache Size (Default = 256 buckets) Make the settings = 0
[13.1.1] Crashing NT using NTFS Found by Martin Stiemerling
Affects NT systems running Service Pack 3 also. Recently, a program released from Germany (crashnt.exe) seems to be able to crash an NT server. The program was coded by Martin Stiemerling. It executes in a command window and functions off of one parameter, a drive letter. (example: crash d:). It seems that the program may be a spawn of an NT Defragmentation program. The fact that this program will crash and render an NTFS volume useless is spooky. David LeBlanc says he thinks this may be a result of something in the NtFsControlFile() function.
[13.1.2] The GetAdmin Exploit Found by Konstantin Sobolev