[jcifs] NTLMv2 support
Eric
eglass1 at comcast.net
Sun Sep 28 09:07:39 EST 2003
> I think that LMv2 should work for authentication. I *believe* that the
> extra data used by and contained in the NTLMv2 response are significant when
> doing message signing, which starts up after the authentication step. In
> other words, you probably don't have to worry about NTLMv2 unless you are
> actually trying to start an SMB session.
>
You can actually do signing with just LMv2 as well (the new jCIFS MAC
signing code works with just LMv2 auth if enabled). It's not terribly
secure, however, as it turns out that the MAC signing key used is simply
"0x00000000000000000000000000000000" (16 empty bytes). It's more of a
digest than a MAC, since the key is a constant known value.
Eric
More information about the jcifs
mailing list