Security impact of removing timestamp check in rd_rep()

Luke Howard lukeh at
Mon May 16 04:10:50 GMT 2005

>I think the sequence number is used for this.  It appears from the way
>Microsoft implements their server, that they don't check the timestamps.
>Now to figure out how to tell the krb5 layer that this is a DCE_STYLE
>third leg...

The acceptor should be able to tell from the flags in the 0x8003 checksum.

-- Luke


More information about the samba-technical mailing list