"Secure" channel demystifying?
hno at squid-cache.org
Thu Jul 1 16:57:48 GMT 2004
On Thu, 1 Jul 2004, Dimitry V. Ketov wrote:
> > 1) the server can authenticate the machine, since it was
> > entered into the domain by an admin. A malicious cracker
> > can't plug his laptop into a port and try to impersonate.
> Sorry, still can't catch an idea of what that (just authenticated, not
> signed and not ciphered channel) adds to the challenge-handshake (NTLM)
Nothing really for the NTLM handshake as such, but there are a few fields
exchanged always encrypted unless my memory serves me wrong.. This
includes the "session key" and possibly other sensitive information.
> Is that true by default for NT workstations?
From what I remember of NT this depends on the service pack level and
then on registry settings to allow downgrade in later versions.
> > server can't prove his identity. It's like SSL certificates
> Why spoofed "server" will not be able to prove his identity?
He does not know the computer account password used in the mutual
More information about the samba-technical