Network Security: Detailed info on Re: NTLM HTTP Authentication is insecure by design

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

Re: NTLM HTTP Authentication is insecure by design - a new writeup by Am

from [Andrew van der Stock] Network Security

[Permanent Link]

Subject:	Re: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein
Date:	Wed, 20 Jul 2005 13:52:38 +1000

With respect,

SSL should always be terminated in front of a Web server is illustrated in our technology whitepaper already mentioned above: (http://www.seclutions.com/en/downloads/AirLock_Whitepaper.pdf).

Terminating SSL sessions before the web server assumes that no client- side certificates are in use. If you use client-side certificates (either soft certs or smart cards), terminating early means that the web app has to trust the front end termination device to provide the authentication details from the client.

Pretty much all solutions to this usually involve setting headers (like REMOTE_USER or iv-cred similar) and passing on the request. If the header or token is not present for unauthenticated requests, an attacker can spoof the (say) REMOTE_USER header successfully.

Andrew

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Amit Klein (AKsecurity) RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Cyrill Osterwalder RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Amit Klein (AKsecurity) Re: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Andrew van der Stock <= RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Cyrill Osterwalder Re: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Andrew van der Stock RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Cyrill Osterwalder RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Amit Klein (AKsecurity)

Previous by Date:	Re: Https sniffer, Hugo Fortier
Next by Date:	RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Cyrill Osterwalder
Previous by Thread:	RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Amit Klein (AKsecurity)
Next by Thread:	RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Cyrill Osterwalder
Indexes:	[Date] [Thread] [Top] [All Lists]