[jcifs] Re: How to secure authentication and data transfer
Michael B Allen
mba2000 at ioplex.com
Wed Mar 21 18:46:39 GMT 2007
On Wed, 21 Mar 2007 09:57:25 +0000 (UTC)
Jan Gärtner <gaert at gg-see.de> wrote:
> The connection is already doing fine, my question is how secure this
> connection is?
>
> - Is the password and the data transfer encrypted?
> If yes, how strong is this encryption?
>
>
> Furthermore I want to know what possibilities do I have to increase security?
It's reasonbly secure. Kerberos with an RC4 account would be much better
and my undstanding is that NTLMv2 is be better but I'd be a little
surprised if brute forcing NTLMv1 hashes is the weakest link.
As for integrity (SMB signing) and confidentiality (encryption), SMB
connections do not currently support confidentiality but if the server
supports integrity protection JCIFS will use it.
Mike
--
Michael B Allen
PHP Active Directory Kerberos SSO
http://www.ioplex.com/
More information about the jcifs
mailing list