[Samba] authentication of server to client

Brian May bam at snoopy.apana.org.au
Thu Jun 7 05:17:48 GMT 2007


When I use a Windows client to connect to a NT style domain run on a
number of Samba servers, and then connect to a share on a domain
server, is the domain server authenticated to the client in any form?

That is, could an attacker replace the server with fake server that
serves the same/similar files?

My experimentation seems to indicate that domains do not help here,
however as I am no expert in this, I would be interested to know what
people here have to say.

This started from a discussion in the wpkg-users forum:


(warning: some of these people appear to have anti-Samba attitudes...)

Brian May <bam at snoopy.apana.org.au>

More information about the samba mailing list