Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: IIS 5.0 with Integrated Window Authentication

Re: IIS 5.0 with Integrated Window Authentication

From: Sebastian Flothow <sebastian_at_flothow.de>
Date: Wed, 6 Nov 2002 23:27:54 +0100

> The goofy three-message exchange that sets up the NTLM security doesn't
> seem to make it through the proxy,

AFAIK, NTLM _can_ _not_ work through proxies, by design. It seems it
includes the client's IP address, which then doesn't match that of the
proxy (which is the client from the server's point of view), or
something similar.

Sebastian 

--
Sebastian Flothow
sebastian_at_flothow.de
#include <stddisclaimer.h>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Nov 08 2002
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]