"Secure" channel demystifying?

Andrew Bartlett abartlet at samba.org
Wed Jul 7 15:00:07 GMT 2004


On Wed, 2004-07-07 at 23:03, Dimitry V. Ketov wrote:
> > Even in a domain membership NTLM is used for user logon but 
> > in a somewhat modified and secure manner than normal NTLM, 
> > and also made more efficient and less demanding on the domain 
> > controller thanks to the already established trust between the 
> > member server and domain controller. The computer account 
> > password encrypts important fields to protect from 
> 
> This is my packet capture analysis:
> C (Client - Win2K), S (Server - samba 2.2.8), DC (Domain Controller - Win2k)
> 
> C ------- Negotiate Req -------> S
> C <------ Negotiate Repl ------- S
>       (Encryption key: XXXX )
> C -- Session & Tree Conn Req --> S
>         (ANSI Pass: AAAA)
>        (UNICODE Pass: UUUU)
>                                  S ------- Negotiate Req -------> DC
>                                  S <------ Negotiate Repl ------- DC
>                                  S <------ .............. ------> DC
>                                  S ------ NetrSamLogon Req -----> DC
>                                           (Challenge: XXXX)
>                                        (NT Challenge Resp: UUUU)
>                                        (LM Challenge Resp: AAAA)
>                                  S <----- NetrSamLogon Repl ----- DC
> C <- Session & Tree Conn Repl -- S
> 
> As I can see, it's just normal LM/NTLM challenges and responses inside the NETLOGON "secure" channel, copied from the client/server LM/NTLM authentication.
> 
> Where is that "protection" ? :(

None, for Samba 2.2.8.  Use Samba 3.0 for schannel. 

When the communication between the DC and the member server is
protected with schannel, it ensures that only member servers can submit
passwords (which could be sniffed from the wire) for authentication.

See, a member server can specify the challenge, which means that it can
check if a password is still valid.  Without schannel, a MITM could just
substitute them, and without the machine-to-machine authentication,
anybody could ask.

On the return path, the user's session key is not well protected without
schannel, and this is meant to be secret to the domain member system. 
It also verifies that the DC was the one that said 'let that user in'
and listed their group memberships.  (There have been attacks on this in
the past).

Andrew Bartlett
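The three points in the reply above (without schannel anybody can ask the DC to validate a sniffed challenge/response, the user session key comes back unprotected, and nothing proves the DC was the one that said "let that user in" with those groups) modelled as a small three-party exchange. This is an added example, not Samba or Windows code: HMAC-SHA256 stands in for the MD4 NT hash, the DES-based NTLMv1 response and the MS-NRPC credential and sealing schemes, and the user "alice", the member server "SRV1$", its machine key and the password are all constructed for the example.

```python
"""Added illustration of why the Netlogon secure channel matters (not Samba code).
Assumptions: HMAC-SHA256 stands in for MD4, the DES-based NTLMv1 response and
the MS-NRPC credential/sealing crypto; names and keys below are constructed."""
import hashlib
import hmac
import json
import os


def nt_hash(password: str) -> bytes:
    # Stand-in for MD4(UTF-16LE(password)).
    return hashlib.sha256(password.encode("utf-16-le")).digest()


def nt_response(nthash: bytes, challenge: bytes) -> bytes:
    # Stand-in for the 24-byte NTLMv1 response to an 8-byte server challenge.
    return hmac.new(nthash, challenge, hashlib.sha256).digest()[:24]


def user_session_key(nthash: bytes) -> bytes:
    # In NTLMv1 the user session key derives from the NT hash alone; the DC
    # hands it to the member server, which must keep it secret.
    return hmac.new(nthash, b"user-session-key", hashlib.sha256).digest()[:16]


def mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


def seal(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with an HMAC-derived keystream; applying it twice unseals.
    return bytes(a ^ b for a, b in zip(data, mac(key, b"seal", nonce)))


class DomainController:
    def __init__(self, users, groups, machines):
        self.users = users        # user -> NT hash
        self.groups = groups      # user -> group names
        self.machines = machines  # member server account -> machine account key

    def _valid(self, user, challenge, response):
        nthash = self.users.get(user)
        return nthash is not None and hmac.compare_digest(
            nt_response(nthash, challenge), response)

    def sam_logon_plain(self, user, challenge, response):
        """No schannel (Samba 2.2.8 style): anyone may ask, reply is in the clear."""
        if not self._valid(user, challenge, response):
            return {"ok": False}
        return {"ok": True, "session_key": user_session_key(self.users[user]),
                "groups": self.groups.get(user, [])}

    def sam_logon_schannel(self, machine, user, challenge, response, authenticator):
        """schannel style: request authenticated with the machine account key,
        reply carries a sealed session key and a signature over the verdict."""
        mkey = self.machines.get(machine)
        expected = mac(mkey or b"", b"req", machine.encode(), user.encode(), challenge, response)
        if mkey is None or not hmac.compare_digest(expected, authenticator):
            raise PermissionError("not an authenticated domain member")
        ok = self._valid(user, challenge, response)
        nonce = os.urandom(16)
        body = {"ok": ok, "nonce": nonce.hex(),
                "groups": self.groups.get(user, []) if ok else [],
                "sealed_key": seal(mkey, nonce, user_session_key(self.users[user])).hex() if ok else ""}
        raw = json.dumps(body, sort_keys=True).encode()
        return {"body": raw, "sig": mac(mkey, b"resp", raw)}


def member_reads_reply(mkey, reply):
    """Member server checks the DC really said 'let that user in' with these groups."""
    if not hmac.compare_digest(mac(mkey, b"resp", reply["body"]), reply["sig"]):
        raise ValueError("reply tampered with or not from the DC")
    body = json.loads(reply["body"])
    if not body["ok"]:
        return False, None, []
    key = seal(mkey, bytes.fromhex(body["nonce"]), bytes.fromhex(body["sealed_key"]))
    return True, key, body["groups"]


def run_scenarios():
    alice_hash = nt_hash("Passw0rd!")              # constructed test data
    server_key = os.urandom(16)                    # SRV1$ machine account key
    dc = DomainController({"alice": alice_hash},
                          {"alice": ["Domain Users", "Staff"]}, {"SRV1$": server_key})
    challenge = os.urandom(8)                      # client <-> member NTLM, as sniffed
    response = nt_response(alice_hash, challenge)
    out = {}
    # 1. No schannel: replaying the sniffed pair is a password-validity oracle
    #    open to anybody, and the user session key comes back in the clear.
    r = dc.sam_logon_plain("alice", challenge, response)
    out["plain_accepts_replay"] = r["ok"]
    out["plain_leaks_session_key"] = r.get("session_key") == user_session_key(alice_hash)
    # 2. schannel: the same replay without SRV1$'s machine key is refused.
    try:
        dc.sam_logon_schannel("SRV1$", "alice", challenge, response, os.urandom(32))
        out["schannel_rejects_unauthenticated"] = False
    except PermissionError:
        out["schannel_rejects_unauthenticated"] = True
    # 3. The genuine member server gets a sealed session key and signed groups.
    auth = mac(server_key, b"req", b"SRV1$", b"alice", challenge, response)
    reply = dc.sam_logon_schannel("SRV1$", "alice", challenge, response, auth)
    ok, key, groups = member_reads_reply(server_key, reply)
    out["schannel_member_gets_key"] = ok and key == user_session_key(alice_hash)
    out["schannel_groups"] = groups
    # 4. A MITM on the DC link cannot add a group to the reply unnoticed.
    tampered = json.loads(reply["body"])
    tampered["groups"].append("Domain Admins")
    forged = {"body": json.dumps(tampered, sort_keys=True).encode(), "sig": reply["sig"]}
    try:
        member_reads_reply(server_key, forged)
        out["schannel_detects_tampering"] = False
    except ValueError:
        out["schannel_detects_tampering"] = True
    return out
```

Calling run_scenarios() shows the plain path accepting a replayed pair from anybody and returning the session key, while the schannel path refuses callers without the machine key, returns the key sealed, and lets the member detect a reply whose group list was altered in transit. The real protocol binds requests with chained credentials rather than a per-request HMAC, but the properties demonstrated are the ones the reply above describes.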