No announcement yet.

Server Message Block (SMB)

  • Filter
  • Time
  • Show
Clear All
new posts

  • Server Message Block (SMB)

    Hi all,

    I have a question regarding SMB. I need to share out a resource from a server and I want to ensure that only valid user is accessing it. What I have done is, I ensure that on both client and server the following registry keys are set:

    HKLM\SYSTEM\CurrentControlSet\Services\lanmanserve r\parameters


    HKLM\SYSTEM\CurrentControlSet\Services\lanmanworks tation\parameters


    Hence I started to share out a folder and access it from client. I was prompted for UserID and password which I dutifully supplied. In the mean time, I have ethreal running behind in the background which I managed to captured the Negotiate Protocol Response. But I was unable to see the EncryptionKey. Anyone has any idea why is that so? I enclosed with information on the packet that I captured.

    Security Mode : 0xf
    .... ...1 = Mode: USER security mode
    .... ..1. = Password: ENCRYPTED password. Use challenge/response
    .... .1.. = Signatures: Security signatures ENABLED
    .... 1... = Sig Req: Security signatures REQUIRED

    Session Key: 0x00000000
    Key Length: 0

    It seems that the authentication is in plaintext. Butin SecurityMode, it stated that the communication should be using Challenge/Response. Anything I have missed?

    Also, I would like to know what does it mean when Session Setup Andx Response NTLMSSP_CHALLENGE has the status Error: STATUS_MORE_PROCESSING?

    The strange thing is I was able to access the folder that I shared out.

    Many thanks!
    Last edited by seapoppy; 20th September 2006, 04:15.

  • #2
    Re: Server Message Block (SMB)

    Please use:

    Thats all
    Best Regards,

    Yuval Sinay

    LinkedIn:, Blog: