Re: IIS 5.0 with Integrated Window Authentication

From: Sebastian Flothow (sebastian@flothow.de)
Date: Wed Nov 06 2002 - 17:27:54 EST

Next message: Jason Coombs: "RE: IIS 5.0 with Integrated Window Authentication"
Previous message: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
In reply to: cc_mofo@hushmail.com: "IIS 5.0 with Integrated Window Authentication"
Next in thread: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> The goofy three-message exchange that sets up the NTLM security doesn't
> seem to make it through the proxy,

AFAIK, NTLM _can_ _not_ work through proxies, by design. It seems it
includes the client's IP address, which then doesn't match that of the
proxy (which is the client from the server's point of view), or
something similar.

Sebastian

--
Sebastian Flothow
sebastian@flothow.de
#include <stddisclaimer.h>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Jason Coombs: "RE: IIS 5.0 with Integrated Window Authentication"
Previous message: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
In reply to: cc_mofo@hushmail.com: "IIS 5.0 with Integrated Window Authentication"
Next in thread: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:25 EDT