Ethereal-dev: Re: [Ethereal-dev] ntlmssp decoding

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: dheitmueller <dheitmueller@xxxxxxxxxxx>
Date: Sun, 07 Jul 2002 02:24:40 -0400 (EDT)
> The ntlmssp code is not specific to the dcerpc code.  I know of another
> couple of places within SMB where it is used.  It would be nice to see
> these routines in something like packet-smb-ntlmssp.c or something
> similar.

Agreed.  Now that I think the decoding works reasonably well, I'm going to move it into its own dissector.

> I'm slightly biased, but I think the latest code in Samba CVS is in a
> much better state thant the Samba TNG code.  You may want to refer to
> both codebases for a different point of view.

I had not looked at Samba's include/rpc_dce.h until now.  I agree that it is more complete than TNG's include/rpc_ntlmssp.h (which I based the dissector on).  I will make the appropriate changes to reflect the Samba rpc_dce.h (in particular the negotiate flags).

Thanks,

Devin Heitmueller
Senior Software Engineer
Netilla Networks Inc