Re: Security impact of removing timestamp check in rd

samba-technical@lists.samba.org

Re: Security impact of removing timestamp check in rd_rep()

from [Luke Howard]

Subject:	Re: Security impact of removing timestamp check in rd_rep()
From:	Luke Howard
Date:	Mon, 16 May 2005 14:10:50 +1000

>I think the sequence number is used for this.  It appears from the way
>Microsoft implements their server, that they don't check the timestamps.
>
>Now to figure out how to tell the krb5 layer that this is a DCE_STYLE
>third leg...

The acceptor should be able to tell from the flags in the 0x8003 checksum.

-- Luke

--

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Security impact of removing timestamp check in rd_rep(), Andrew Bartlett Re: Security impact of removing timestamp check in rd_rep(), Luke Howard Message not available Re: Security impact of removing timestamp check in rd_rep(), Andrew Bartlett Re: Security impact of removing timestamp check in rd_rep(), Luke Howard <= Re: Security impact of removing timestamp check in rd_rep(), Sam Hartman Message not available Re: Security impact of removing timestamp check in rd_rep(), Sam Hartman

Previous by Date:	Re: Security impact of removing timestamp check in rd_rep(), Andrew Bartlett
Next by Date:	Re: Security impact of removing timestamp check in rd_rep(), Sam Hartman
Previous by Thread:	Re: Security impact of removing timestamp check in rd_rep(), Andrew Bartlett
Next by Thread:	Re: Security impact of removing timestamp check in rd_rep(), Sam Hartman
Indexes:	[Date] [Thread] [Top] [All Lists]