[wpkg-users] security issues
Brian May
bam at snoopy.apana.org.au
Mon Jun 18 06:05:45 CEST 2007
Ok, I talked to somebody from the Samba team, and was told:
=== cut ===
> > When I use a Windows client to connect to a NT style domain run on a
> > number of Samba servers, and then connect to a share on a domain
> > server, is the domain server authenticated to the client in any form?
Only if the client demands smb signing, and the server offers it.
Yeah, this sucks for security - currently only DCs demand that their
clients connect with smb signing, and I don't know how to force a client
to demand signing (or refuse to connect) :-)
=== cut ===
So, if I read this correctly, it should be possible to setup a domain
client to use smb signing in order to authenticate the server, but I
don't know how to do it.
Authentication occurs in the other direction, that is the domain
controller authenticates the client before the client is trusted.
--
Brian May <bam at snoopy.apana.org.au>
wpkg-users mailing list
wpkg-users at lists.wpkg.org
http://lists.wpkg.org/mailman/listinfo/wpkg-users
More information about the wpkg-users
mailing list