Luke Kenneth Casson Leighton
2000-Jan-10 12:08 UTC
DCE/RPC over SMB: Samba and Windows NT Domain Internals
It's now available from Macmillan Technical Publishing. The only source of information publicly available on Windows NT authentication and password-update methods, including NTLMv1, NTLMv2, NTLMSSP, the Domain Logon Protocol (NETLOGON and NETLOGON "Secure Channel"), Windows 95 user, NT user and NT Administrative password changes, and how the SAM database is encrypted when transferred from a PDC to a BDC. It also contains information on how to understand, at a very detailed and boring level, NT Domain traffic (DCE/RPC) such as NT Domain Logons and running User Manager for Domains. It also matches official MSDN functions with unpublished Microsoft APIs, evidence for the existence of which can only be deduced from examining network traces or by purchasing an NT Source Code License. Despite what it says on the cover, this book is, "An expert guide to improving the efficiency and security *OF* Windows NT". Enjoy. Luke K.C. Leighton (Samba Team, ISS X-Force Research).
Jeremy Allison
2000-Jan-10 19:01 UTC
DCE/RPC over SMB: Samba and Windows NT Domain Internals
Luke Kenneth Casson Leighton wrote:> > It's now available from Macmillan Technical Publishing.I know - I just bought it :-).> The only source of information publicly available on Windows NT > authentication and password-update methods, including NTLMv1, NTLMv2, > NTLMSSP, the Domain Logon Protocol (NETLOGON and NETLOGON "Secure > Channel"), Windows 95 user, NT user and NT Administrative password > changes, and how the SAM database is encrypted when transferred from a PDC > to a BDC. > > It also contains information on how to understand, at a very detailed and > boring level, NT Domain traffic (DCE/RPC) such as NT Domain Logons and > running User Manager for Domains. It also matches official MSDN functions > with unpublished Microsoft APIs, evidence for the existence of which can > only be deduced from examining network traces or by purchasing an NT > Source Code License. > > Despite what it says on the cover, this book is, "An expert guide to > improving the efficiency and security *OF* Windows NT". > > Enjoy.It's also a *VERY* good book. Congratulations Luke - you really did a nice job on this one. Now I can use your own words to argue with you about packet details :-) :-). Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. --------------------------------------------------------