Credentials Relay Prevention
Oren
theoren28 at hotmail.com
Wed Sep 3 16:31:45 MDT 2014
Hi,
Can Credentials Relay be prevented for Linux Samba Clients?
Namely, is there some configuration parameter such that Linux Samba Client <-> Samba Server using correct domain credentials should work but Linux Samba Client <-> TCP Proxy (MITM) <-> Samba Server should be rejected?
SMB Signing and/or forcing NTLMv2 does not seem to help here as no payload manipulations are made.
Related Microsoft/Attack posts.
https://technet.microsoft.com/en-us/library/security/974926.aspx
http://pen-testing.sans.org/blog/pen-testing/2013/04/25/smb-relay-demystified-and-ntlmv2-pwnage-with-python
Thanks,
Oren
More information about the samba-technical
mailing list