NTLMv2 Session Security

[Xyster !]

>From my experience, read below...

>From: "Christopher R. Hertel" <crh at ubiqx.mn.org>
>To: samba-technical at samba.org
>Subject: NTLMv2 Session Security
>Date: Thu, 6 Feb 2003 13:24:42 -0600
>
>While trying to document NTLMv2 authentication, I stumbled across
>something known as NTLMv2 Session Security.  Does anyone know what this
>is?  I can set
>
>   
>HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompatibilityLevel
>
>to 1 to "enable" NTLMv2 Session Security, but I'm not sure what it does.
>Some sources say that it allows the client and server to 'negotiate' the
>use of NTLMv2 challenge/response (how?).  Other sources say that it
>provides message integrity and confidentiality (how?).
>
Changing the registry setting either turns on or off NTLMv2. The server can 
guess which is being used by the client based on the blob lengths. The modes 
documented by MS to allow negotiation do nothing. There is no way in the 
NegProt or SessionSetupX to negotiate this.

NTLMv2 does not provide integrity or confidentiality. For Integrity to 
happen the flags2 Security Signature bit needs to be set in the SMB header 
when doing a Session Setup. I'm not sure that NTLMv2 needs to be used as 
well.

Confidentiality I've never seen happen.

>I've played with this enough to know that enabling NTLMv2 Session Security
>does not enable SMB packet signing (MAC signing).  There's a different set
>of registry variables for that.  Perhaps they all interact with one
>another...
>
>Clues welcome.
>
>Chris -)-----
>
>--
>Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
>jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
>ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
>OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org


_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE*  
http://join.msn.com/?page=features/junkmail