"Secure" channel demystifying?

[Dimitry V. Ketov]

> -----Original Message-----
> From: Peter Waechtler [mailto:peter at helios.de]
> 
> The global problem is mutual authentication. You gain 2
> profits with that:
> 
> 1) the server can authenticate the machine, since it was
> entered into the  domain by an admin. A malicious cracker 
> can't plug his laptop into  a port and try to impersonate. 
Sorry, still can't catch an idea of what that (just authenticated, not
signed and not chyphered channel) adds to the challenge-handshake (NTLM)
security...

> This alone does not prevent the use  of keyboard sniffers 
> (local security of client machine) etc.]


> 2) the client can be "more" sure about passing the 
> challenge/response  token to the "right" server. Without that 
> a cracker could spoof his  laptop as DC. If the passwords 
> would be passed with a reversible algorithm  he would get 
> them. With NTLM he can build a dictionary of challenge->hash. 
>  It's not only theoretical: the server possibly downgrades 
> the client to sent  the  password in clear...  The client 
> machine wouldn't do that if SChannel is mandatory and the 
Is that true by default for NT workstations?

> server  can't prove his identity. It's like SSL certificates 
Why spoofed "server" wil not be able to prove his identity?

> and fingerprints. If the  certificate is invalid the user 
> ignores that and sents the PIN ;)
> 
> > PS. Yes, I'm aware of today's secure channel signing and 
> cyphering ;)
> 
> Then, why do you ask? ;)
Trying to figure out what _actual_ problems that channel solved without
signing and chypering.

Dimitry.