Re: CIFS Security

• Previous message: Benjamin Meade: "CA-SSL in IIS"
• Maybe in reply to: jay dave: "CIFS Security"
• Next in thread: Harlan Carvey: "Re: CIFS Security"
• Reply: Harlan Carvey: "Re: CIFS Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: keydet89@yahoo.com, focus-ms@securityfocus.com
Date: Mon, 14 Jul 2003 20:05:59 -0400

Thank you :)
    I did try that out the first thing. I was particularly interested in
some classified information that could be shared on a knowledgeable list
like this. Guess my question was framed in a rather lousy manner. "Can any
one suggest some source or information regarding the security
vulnerabilities in the CIFS Protocol?". I figure out that "Confidentiality"
or "integrity" doesn't form a core part of CIFS and it rather depends on
some mechanism above or below in in the protocol stack. Does any one know
of the latest developments to address these problems?

Regards,
Jay Dave

>From: Harlan Carvey <keydet89@yahoo.com>
>To: focus-ms@securityfocus.com
>Subject: Re: CIFS Security
>Date: Mon, 14 Jul 2003 06:10:13 -0700 (PDT)
>
>http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=CIFS+%2B+security
>
>--- jay dave <suny_student@hotmail.com> wrote:
> > Hi,
> > I am conducting a security analysis of CIFS
> > protocol. I am particularly
> > interested in knowing the security vulnerabilities
> > of the protocol. Can
> > anyone please comment on the current security
> > status.
> >
> > Thank you,
> > Regards,
> > Jay...
> >
> >
>_________________________________________________________________
> > STOP MORE SPAM with the new MSN 8 and get 2 months
> > FREE*
> > http://join.msn.com/?page=features/junkmail
> >
> >
> >
>-----------------------------------------------------------------------------
> >
>------------------------------------------------------------------------------
> >
>
>
>__________________________________
>Do you Yahoo!?
>SBC Yahoo! DSL - Now only $29.95 per month!
>http://sbc.yahoo.com

_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

-----------------------------------------------------------------------------
------------------------------------------------------------------------------

• Previous message: Benjamin Meade: "CA-SSL in IIS"
• Maybe in reply to: jay dave: "CIFS Security"
• Next in thread: Harlan Carvey: "Re: CIFS Security"
• Reply: Harlan Carvey: "Re: CIFS Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: SMB Shares Dangerous? ... that NFS a little better in this way. ... in NFSv4 security is equal to CIFS. ... On the other hand SMB is core protocol, ... (microsoft.public.security) Re: Protocol Analysis ... Subject: Protocol Analysis ... Concerned about Web Application Security? ... testing and vulnerability management needs. ... most comprehensive solutions to meet your application security penetration ... (Pen-Test) [fw-wiz] UNSUBSCRIBE ... (Paul D. Robertson) ... > fixup protocol icmp error ... >> isn't about the security properties of the control, ... errors in the firewall, configuration errors, and it then takes physical ... (Firewall-Wizards) Re: 802.11i ... Access" and it is security "system" for wireless networks that employs ... While TKIP "Temporal Key Integrity Protocol" is actual protocol under ... safer to communicate using RC4 stream cipher, ... But that is WPA v1., which is done to be as an enhancement ... (Security-Basics) RE: Ambiguities in TCP/IP - firewall bypassing ... T/TCP does indeed require multiple flags to be set ... simultaneously, however, it's also not a proven protocol. ... There's also a clear security issue with allowing one side of the ... standard TCP/IP it's relatively easy to spoof the source IP for the SYN ... (Bugtraq)