On Tue, 2002-12-31 at 11:34, Richard Sharpe wrote: > On Tue, 31 Dec 2002, Simo Sorce wrote: > > > Thank you Willi, > > unfortuately the traces is encapsulated in an ntlmssp encrypted session > > so I cannot see anything. > > Can you kindly disable ntlmssp and redo the sniff from beginning? > > feel free to send the sniff only to me if you fear information > > disclosure. > > Hmmm, I would be interested in seeing that. De[l]vin posted some patches > to Ethereal that might be able to deal with that, given the key :-)
Yes, I'm very interested to see that - because I want to decrypt the NTLMSSP session that surrounds the password change, so as to pick out NTSTATUS values. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part