Ethereal: [Ethereal-dev] Reassembly of security blob in SMB dissector

Ethereal-dev: February 2003

Subject: [Ethereal-dev] Reassembly of security blob in SMB dissector
From: Jean-Baptiste Marchand <Jean-Baptiste.Marchand@xxxxxx>
Date: Mon, 3 Feb 2003 11:51:28 +0100

Hello,

the attached capture shows the establishment of an SMB session,
authenticated with a Kerberos 5 token (extended security mode). 

Because of the token size, the SessionSetupAndX request is carried over
two NBSS messages. Thus, it is not possible to decode the content of the
security blob.

Looking at the SMB dissector options, it seems that fragmentation
reassembly is currently possible for DCE/RPC PDU (carried over SMB
named pipes) and SMB Transact payload command. Does security blob
reassembly would fit in the same category?

I can work on this if nobody else plans to implement it.

Thanks for your help,

Jean-Baptiste Marchand
-- 
Jean-Baptiste.Marchand@xxxxxx
Hervé Schauer Consultants
http://www.hsc.fr/

Attachment: smb_ext_sec_krb5.cap.gz
Description: application/gunzip

Follow-Ups:
- Re: [Ethereal-dev] Reassembly of security blob in SMB dissector
  - From: Richard Sharpe
- Re: [Ethereal-dev] Reassembly of security blob in SMB dissector
  - From: Guy Harris

Prev by Date: Re: [Ethereal-dev] Mobile IPv6
Next by Date: Re: [Ethereal-dev] Reassembly of security blob in SMB dissector
Previous by thread: Re: [Ethereal-dev] Mobile IPv6
Next by thread: Re: [Ethereal-dev] Reassembly of security blob in SMB dissector
Index(es):
- Date
- Thread