smb signatures - per tcp session or per smb session sequence numbers?
Andrew Bartlett
abartlet at samba.org
Wed Feb 23 08:50:40 GMT 2005
On Tue, 2005-02-22 at 23:42 -0600, Steven French wrote:
> When two different user smb sessions (smb_uids) are multiplexed over one tcp
> session from a single client to a single server - signing does not appear
> to work on the first request for what will be the second uid, i.e. the 2nd
> SessionSetup request (at least from the Linux client).
>
> There seems to be evidence that the sequence number used for signing is
> global to the tcp session (not to the smb uid - smb session as I had
> implemented).
Correct. This of course implies that the security of the whole session
is as good or bad as the *first* password to pass over it.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
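
A simplified model of the behaviour confirmed in this message, added here as an illustration (not code from Samba or the Linux client): one MAC key and one sequence counter per TCP connection, with the SMB1 signature taken as the first 8 bytes of MD5 over the key and the packet. The class and function names, the key and response values, and the 32-byte packets are constructed for the example, and the counter is assumed to start at 0 once signing is active.

```python
import hashlib
import struct

SIG_OFFSET = 14  # SecuritySignature field: bytes 14..21 of the SMB1 header
UID_OFFSET = 28  # smb_uid field

class SignedConnection:
    """One TCP connection: one MAC key and one sequence counter for all uids."""

    def __init__(self):
        self.mac_key = None  # fixed by the first authenticated SessionSetup
        self.seq = 0         # global to the connection, not per smb_uid

    def session_setup(self, session_key, response):
        # Later SessionSetups on the same connection do not replace the key.
        if self.mac_key is None:
            self.mac_key = session_key + response

    def mac(self, packet, seq):
        # The sequence number goes into the signature field, then the
        # signature is the first 8 bytes of MD5(mac_key || packet).
        body = bytearray(packet)
        body[SIG_OFFSET:SIG_OFFSET + 8] = struct.pack("<II", seq, 0)
        return hashlib.md5(self.mac_key + bytes(body)).digest()[:8]

    def sign_request(self, packet):
        seq, self.seq = self.seq, self.seq + 2  # the response uses seq + 1
        out = bytearray(packet)
        out[SIG_OFFSET:SIG_OFFSET + 8] = self.mac(packet, seq)
        return bytes(out), seq

    def verify(self, packet, seq):
        return self.mac(packet, seq) == packet[SIG_OFFSET:SIG_OFFSET + 8]

def fake_packet(uid):
    hdr = bytearray(32)  # constructed 32-byte SMB1-style header, no payload
    hdr[0:4] = b"\xffSMB"
    struct.pack_into("<H", hdr, UID_OFFSET, uid)
    return bytes(hdr)

def demo():
    conn = SignedConnection()
    conn.session_setup(b"K1" * 8, b"R1" * 12)         # first user (constructed)
    _, seq1 = conn.sign_request(fake_packet(100))     # first user's request
    setup2, seq2 = conn.sign_request(fake_packet(0))  # 2nd SessionSetup request
    conn.session_setup(b"K2" * 8, b"R2" * 12)         # second user: key unchanged
    # A peer keeping a per-uid counter would expect 0 for the new uid.
    return seq1, seq2, conn.verify(setup2, seq2), conn.verify(setup2, 0)
```

`demo()` returns `(0, 2, True, False)`: the second SessionSetup request verifies only against the connection-wide counter, and it is still signed with the key derived from the first user's authentication.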