SMB Signing, kerberos, NTLMv2 TODO
Andrew Bartlett
abartlet at samba.org
Wed May 7 13:05:43 GMT 2003
On Thu, 2003-05-01 at 15:18, Andrew Bartlett wrote:
> What we do know
> ---------------
>
> SMB signing works, for authentication using the NTLM authentication
> scheme, when not using 'extended security', and not using NTLMv2.
>
> NTLMv2 works, as does LMv2 for all things that don't require the
> 'session key'.
It is my suspicion that NTLMv2 doesn't actually work (as a client) and
that we were just getting away with having working NTLMv2.
...
> What is unknown
> ---------------
>
> We don't know how to do SMB signing with NTLMv2. This would be a
> interesting, small research project for somebody, as the possible inputs
> are pretty well known. My guess is that we are getting the NTLMv2
> response wrong in the client, and causing the server to think we have
> not negotiated use of a session key.
This is confirmed by the fact that we can sign NTLMv2 connections to a
Win2k domain member, when the PDC is Samba (and always generates the
session key).
This is a new development - I've just commited these changes to 3.0
CVS. The only task now is the NTLMv2 client, which should not be hard
(given TNG has an implementation, and the format is documented).
> (Adding an ethereal dissector for the NTLMv2 response would probably be
> a very good place to start, there is a description of the format in
> Implementing CIFS, and code in Samba TNG libsmb/smbencrypt.c).
This has now been implemented in CVS ethereal - big thanks to
tpot at samba.org!
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030507/33c9ca35/attachment.bin
More information about the samba-technical
mailing list