Re: IIS 5.0 with Integrated Window Authentication

From: Dave Aitel (dave@immunitysec.com)
Date: 11/07/02


Date: Thu, 7 Nov 2002 14:35:23 -0500
From: Dave Aitel <dave@immunitysec.com>
To: Sebastian Flothow <sebastian@flothow.de>

Hmm. My basterdized SPIKE Proxy NTLM auth does, in fact, work through
the proxy though.

Client->SPIKE Proxy->Server

Where Client is sending Proxy-Authorization, and SPIKE Proxy is
translating that into Authorization: and sending it to the server and so
on. I get access on IIS 5.0, at least.

-dave

On Wed, 6 Nov 2002 23:27:54 +0100
Sebastian Flothow <sebastian@flothow.de> wrote:

> > The goofy three-message exchange that sets up the NTLM security
> > doesn't seem to make it through the proxy,
>
> AFAIK, NTLM _can_ _not_ work through proxies, by design. It seems it
> includes the client's IP address, which then doesn't match that of the
>
> proxy (which is the client from the server's point of view), or
> something similar.
>
>
> Sebastian
>
> --
> Sebastian Flothow
> sebastian@flothow.de
> #include <stddisclaimer.h>
>
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/