[Samba] authentication of server to client

Brian May bam at snoopy.apana.org.au
Thu Jun 7 05:17:48 GMT 2007


Hello,

When I use a Windows client to connect to a NT style domain run on a
number of Samba servers, and then connect to a share on a domain
server, is the domain server authenticated to the client in any form?

That is, could an attacker replace the server with fake server that
serves the same/similar files?

My experimentation seems to indicate that domains do not help here,
however as I am no expert in this, I would be interested to know what
people here have to say.

This started from a discussion in the wpkg-users forum:

http://sourceforge.net/mailarchive/forum.php?thread_name=sa47iqjgls9.fsf%40margay.local&forum_name=wpkg-users

(warning: some of these people appear to have anti-Samba attitudes...)

Thanks.
-- 
Brian May <bam at snoopy.apana.org.au>



More information about the samba mailing list