Re: CIFS Security

From: jay dave (suny_student_at_hotmail.com)
Date: 07/15/03

  • Next message: Harlan Carvey: "Re: CIFS Security"
    To: keydet89@yahoo.com, focus-ms@securityfocus.com
    Date: Mon, 14 Jul 2003 20:05:59 -0400
    
    

    Thank you :)
        I did try that out the first thing. I was particularly interested in
    some classified information that could be shared on a knowledgeable list
    like this. Guess my question was framed in a rather lousy manner. "Can any
    one suggest some source or information regarding the security
    vulnerabilities in the CIFS Protocol?". I figure out that "Confidentiality"
    or "integrity" doesn't form a core part of CIFS and it rather depends on
    some mechanism above or below in in the protocol stack. Does any one know
    of the latest developments to address these problems?

    Regards,
    Jay Dave

    >From: Harlan Carvey <keydet89@yahoo.com>
    >To: focus-ms@securityfocus.com
    >Subject: Re: CIFS Security
    >Date: Mon, 14 Jul 2003 06:10:13 -0700 (PDT)
    >
    >http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=CIFS+%2B+security
    >
    >--- jay dave <suny_student@hotmail.com> wrote:
    > > Hi,
    > > I am conducting a security analysis of CIFS
    > > protocol. I am particularly
    > > interested in knowing the security vulnerabilities
    > > of the protocol. Can
    > > anyone please comment on the current security
    > > status.
    > >
    > > Thank you,
    > > Regards,
    > > Jay...
    > >
    > >
    >_________________________________________________________________
    > > STOP MORE SPAM with the new MSN 8 and get 2 months
    > > FREE*
    > > http://join.msn.com/?page=features/junkmail
    > >
    > >
    > >
    >-----------------------------------------------------------------------------
    > >
    >------------------------------------------------------------------------------
    > >
    >
    >
    >__________________________________
    >Do you Yahoo!?
    >SBC Yahoo! DSL - Now only $29.95 per month!
    >http://sbc.yahoo.com

    _________________________________________________________________
    Protect your PC - get McAfee.com VirusScan Online
    http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

    -----------------------------------------------------------------------------
    ------------------------------------------------------------------------------


  • Next message: Harlan Carvey: "Re: CIFS Security"

    Relevant Pages

    • Re: SMB Shares Dangerous?
      ... that NFS a little better in this way. ... in NFSv4 security is equal to CIFS. ... On the other hand SMB is core protocol, ...
      (microsoft.public.security)
    • Re: Protocol Analysis
      ... Subject: Protocol Analysis ... Concerned about Web Application Security? ... testing and vulnerability management needs. ... most comprehensive solutions to meet your application security penetration ...
      (Pen-Test)
    • [fw-wiz] UNSUBSCRIBE
      ... (Paul D. Robertson) ... > fixup protocol icmp error ... >> isn't about the security properties of the control, ... errors in the firewall, configuration errors, and it then takes physical ...
      (Firewall-Wizards)
    • Re: 802.11i
      ... Access" and it is security "system" for wireless networks that employs ... While TKIP "Temporal Key Integrity Protocol" is actual protocol under ... safer to communicate using RC4 stream cipher, ... But that is WPA v1., which is done to be as an enhancement ...
      (Security-Basics)
    • RE: Ambiguities in TCP/IP - firewall bypassing
      ... T/TCP does indeed require multiple flags to be set ... simultaneously, however, it's also not a proven protocol. ... There's also a clear security issue with allowing one side of the ... standard TCP/IP it's relatively easy to spoof the source IP for the SYN ...
      (Bugtraq)