Regarding AUTH_CRAP and NTLMv2
Andrew Bartlett
abartlet at samba.org
Tue Jan 18 01:18:37 MST 2011
On Tue, 2011-01-18 at 13:07 +0530, Narendra Kumar S.S wrote:
> I am going thru the samba source code to get a better understanding of
> NTLMv2 auth.
> The following information is used for authorising the user/machine:
> 1. Server Challenge
> 2. Client NTLMSSP AUTH message which will have ntlm response, lm response.
> The ntlm response has client challenge.
>
> >From the samba source code, I see that both the server challenge and client
> challenge are produced using generate_random_buffer().
> So, it doesn't use anything related to machine account or machine name.
> So, which is the part that is produced using the machine account or machine
> name, so that the server can use that value to verify the authenticity
> later?
Have a read of http://davenport.sourceforge.net/ntlm.html
Hopefully this will make it clearer how NTLM authentication works.
I'm still very happy to answer questions, but this document is
incredibly detailed and will help you understand the whole area better.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
More information about the samba-technical
mailing list