[jcifs] Replay attacks

Schön, Marcel Marcel.Schoen at united-security-providers.ch
Fri May 11 08:36:37 GMT 2007


I have implemented jcifs in one of our web applications and I am using it for authenticating clients by NTLM challenge/response. So far so good till I figured out that a client is receiving several times the same challenge. Couldn't that be used for a straight replay attack?

Probably I have just missconfigured JCIFS. Is there a configuration property I should consider? 

Kind Regards

Patrick Taddei

More information about the jcifs mailing list