True ... thsi is also the reason that the dreaded FrontPage can't publish through Microsoft's own firewalls/proxies (Proxy2), which is actually a good thing i think :P sunzi ----- Original Message ----- From: "Sebastian Flothow" <sebastianat_private> To: <cc_mofoat_private> Cc: <pen-testat_private>; <webappsecat_private> Sent: Wednesday, November 06, 2002 5:27 PM Subject: Re: IIS 5.0 with Integrated Window Authentication > > The goofy three-message exchange that sets up the NTLM security doesn't > > seem to make it through the proxy, > > AFAIK, NTLM _can_ _not_ work through proxies, by design. It seems it > includes the client's IP address, which then doesn't match that of the > proxy (which is the client from the server's point of view), or > something similar. > > > Sebastian > > -- > Sebastian Flothow > sebastianat_private > #include <stddisclaimer.h> > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Nov 07 2002 - 19:41:36 PST