svn commit: lorikeet r125 - in trunk/samba4-ad-thesis: .

Mon Nov 8 23:34:57 GMT 2004

Author: abartlet
Date: 2004-11-08 23:34:57 +0000 (Mon, 08 Nov 2004)
New Revision: 125

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=125

Log:
Small reformat, remove unused file

Andrew Bartlett

Removed:
   trunk/samba4-ad-thesis/intro.tex
Modified:
   trunk/samba4-ad-thesis/chapters.tex


Changeset:
Modified: trunk/samba4-ad-thesis/chapters.tex
===================================================================

--- trunk/samba4-ad-thesis/chapters.tex	2004-11-08 04:44:03 UTC (rev 124)
+++ trunk/samba4-ad-thesis/chapters.tex	2004-11-08 23:34:57 UTC (rev 125)
@@ -576,7 +576,7 @@
 from the password typed in by the user.
 
 There are two password hashes in NTLM, known as the NT hash (introduced
-with Windows NT) and the LM hash (compatible with LAN Manager) are
+with Windows NT) and the LM or LANMAN hash (compatible with LAN Manager) are
 16 byte quantities\citep{userauthNT}
 
 
@@ -637,11 +637,11 @@
 This process is discussed in detail, including an example implementation,
 in Section 2.8.3.4 of \citet{hertel}, but is summarised here.
 
-The server generates an 8 bytes cryptographic challenge, consisting
-of random data.
+The server generates an 8 bytes cryptographic challenge (the LM
+challenge), consisting of random data.
 
 The LM response takes successive 7 byte parts of the NT or LM hash,
-and uses them to encrypt that challenge:
+and uses them to encrypt that LM challenge:
 
 \begin{lyxcode}
 resp1~=~DES(hash{[}0-6{]},~chall);
@@ -740,7 +740,7 @@
 \item [Negotiate]The initial packet, sent from the client to the server,
 suggesting options (including choice of Unicode or ASCII for future
 communication) and requesting an authentication
-\item [Challenge]The return packet, containing the LANMAN challenge, and
+\item [Challenge]The return packet, containing the LM challenge, and
 the server's options (influenced by the client). It may also include
 data on the target system's name and domain.
 \item [Authenticate]The final packet, containing the user-name, domain
@@ -802,13 +802,14 @@
 \subsubsection*{Key Exchange}
 
 In another modification to the session key negotiation, the specification
-of the \texttt{NTLMSSP\_NEGOTIATE\_KEY\_EXCHANGE} flag allows the
+of the `key exchange' flag allows the
 client to specify a new session key, to be encrypted with what otherwise
 would be the session key. Presumably, the client would choose a random
 sequence of bytes, unrelated to the password, but as will be noted
-in \ref{sec:LSAKEY}, the ability for the client the propose a known
+in Section \ref{sec:LSAKEY}, the ability for the client the propose a known
 session key is an unexpected weakness in the NTLMSSP scheme, particularly
-given the effort put into the NTLM2 flag.
+given the steps taken when the NTLM2 Session Response is
+selected.  
 
 
 \subsection{NTLMSSP Signing and Sealing}
@@ -1015,7 +1016,7 @@
 Away from protocol implementation details, the names of security mechanisms
 are associated with particular levels of security. Clients and servers
 may place requirements on each other by which mechanisms they support,
-but this does not have any wire artifacts.
+but this does not have any network-visible artifacts.
 
 
 \section{GSSAPI}
@@ -1083,7 +1084,7 @@
 \footnote{Because both the WinXP and Windows 2003 machines are running under
 VMware (which itself is run on Linux), the whole process can be monitored
 by listening on the virtual Ethernet hub that VMware provides. %
-} and analysed with the assistance of Ethereal\citep{ethereal}, which
+} and analysed with the assistance of Ethereal \citep{ethereal}, which
 produced the packet capture diagrams.
 
 
@@ -1548,7 +1549,7 @@
 
 \subsection{History of Samba}
 
-Started by Andrew Tridgell, during his PhD studies\citep{10years},
+Started by Andrew Tridgell, during his PhD studies \citep{10years},
 Samba quietly evolved over the past 12 years from a barely functional
 prototype, used to communicate between a DOS Pathworks client and
 a Sun server, into a solid file and print server for Windows clients,
@@ -1597,7 +1598,7 @@
 
 \subsection{Samba as a Active Directory domain member}
 
-Samba 3.0 release\citep{samba-3.0} has the ability to be a member
+Samba 3.0 release \citep{samba-3.0} has the ability to be a member
 of an Active Directory domain, and as such has an implementation of
 a particular form of AD client. This client uses Kerberos for authentication,
 and used DCE-RPC and LDAP to query user and group information from
@@ -1617,9 +1618,9 @@
 
 \section{Heimdal Kerberos}
 
-Heimdal\citep{heimdal,westerlundheimdal} is an Open Source implementation
+Heimdal \citep{heimdal,westerlundheimdal} is an Open Source implementation
 of the Kerberos protocol. Created outside the USA due to export controls
-on strong encryption\citep{exportcontrols,mitkrb5export}, it has
+on strong encryption \citep{exportcontrols,mitkrb5export}, it has
 been developed independently of the well-known MIT distribution\citep{mitkrb5}.
 The Heimdal source code is well tested, and quite easy to modify.
 The presence of the HDB back-end interface (not found in the MIT distribution)
@@ -1627,7 +1628,7 @@
 
 Another aspect that makes Heimdal a key building block in this effort
 has been the active participation of key Heimdal developers in our
-branch of the Heimdal source\citep{lhasamba-technical}.
+branch of the Heimdal source \citep{lhasamba-technical}.
 
 
 \subsection{HDB Back-end}

Deleted: trunk/samba4-ad-thesis/intro.tex
===================================================================
--- trunk/samba4-ad-thesis/intro.tex	2004-11-08 04:44:03 UTC (rev 124)
+++ trunk/samba4-ad-thesis/intro.tex	2004-11-08 23:34:57 UTC (rev 125)
@@ -1,17 +0,0 @@
-%%
-%% Template intro.tex
-%%
-
-\chapter{An Introduction to My Thesis}
-\label{cha:intro}
-
-\section{The Basis for this Work}
-\label{sec:basis}
-
-\subsection{A Theoretical Framework}
-\label{sec:framework}
-
-%%% Local Variables: 
-%%% mode: latex
-%%% TeX-master: "thesis"
-%%% End: 

