Re: IIS 5.0 with Integrated Window Authentication

From: Sebastian Flothow (sebastianat_private)
Date: Wed Nov 06 2002 - 14:27:54 PST

Next message: Jason Coombs: "RE: IIS 5.0 with Integrated Window Authentication"

Previous message: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
In reply to: cc_mofoat_private: "IIS 5.0 with Integrated Window Authentication"
Next in thread: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> The goofy three-message exchange that sets up the NTLM security doesn't 
> seem to make it through the proxy,

AFAIK, NTLM _can_ _not_ work through proxies, by design. It seems it 
includes the client's IP address, which then doesn't match that of the 
proxy (which is the client from the server's point of view), or 
something similar.


Sebastian

--
Sebastian Flothow
sebastianat_private
#include <stddisclaimer.h>


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Jason Coombs: "RE: IIS 5.0 with Integrated Window Authentication"
Previous message: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
In reply to: cc_mofoat_private: "IIS 5.0 with Integrated Window Authentication"
Next in thread: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: Dave Aitel: "Re: IIS 5.0 with Integrated Window Authentication"
Reply: sunzi: "Re: IIS 5.0 with Integrated Window Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 08 2002 - 14:50:48 PST