NTLMv2 Session Security

Christopher R. Hertel crh at ubiqx.mn.org
Thu Feb 6 22:43:39 GMT 2003

On Thu, Feb 06, 2003 at 09:58:17PM +0000, Xyster ! wrote:
> From my experience, read below...
> Changing the registry setting either turns on or off NTLMv2. The server can 
> guess which is being used by the client based on the blob lengths. The 
> modes documented by MS to allow negotiation do nothing. There is no way in 
> the NegProt or SessionSetupX to negotiate this.

That's the conclusion I had reached, but I wanted to see if someone could 
prove me wrong.

> NTLMv2 does not provide integrity or confidentiality. For Integrity to 
> happen the flags2 Security Signature bit needs to be set in the SMB header 
> when doing a Session Setup. I'm not sure that NTLMv2 needs to be used as 
> well.

My understanding is that the SMB_FLAGS2_SECURITY_SIGNATURE bit indicates
that the MAC is in in use, but that MAC signatures are negotiated using
the SecurityMode field in the NEGOTIATE_PROTOCOL_RESPONSE.

> Confidentiality I've never seen happen.

You sent to a public list, so I *hope* you didn't want confidentiality.


Chris -)-----

Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the samba-technical mailing list