[wpkg-users] security issues

Brian May bam at snoopy.apana.org.au
Mon Jun 18 06:05:45 CEST 2007


Ok, I talked to somebody from the Samba team, and was told:

=== cut ===
> > When I use a Windows client to connect to a NT style domain run on a
> > number of Samba servers, and then connect to a share on a domain
> > server, is the domain server authenticated to the client in any form?

Only if the client demands smb signing, and the server offers it.

Yeah, this sucks for security - currently only DCs demand that their
clients connect with smb signing, and I don't know how to force a client
to demand signing (or refuse to connect) :-)
=== cut ===

So, if I read this correctly, it should be possible to setup a domain
client to use smb signing in order to authenticate the server, but I
don't know how to do it.

Authentication occurs in the other direction, that is the domain
controller authenticates the client before the client is trusted.
-- 
Brian May <bam at snoopy.apana.org.au>


wpkg-users mailing list
wpkg-users at lists.wpkg.org
http://lists.wpkg.org/mailman/listinfo/wpkg-users



More information about the wpkg-users mailing list