[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Authentication
I'm not too sure what you mean by "Digest Authentication". I'm running IIS 4.0 on SP6a, and I have: 1) Anonymous 2) HTTP Basic Authentication 3) NT Challenge Response I can tell you that the way those work is: 1) Anonymous doesn't require any authentication 2) HTTP Basic Authentication sends user\passwords over HTTP in Base64 encoded format (close to clear text which is *trivially* crackable) 3) NT-C\R *Requires* NetBIOS (a.k.a NBT or TCP/UDP ports 135, 137, 138 & 139) In my experience, passing NetBIOS information over the Internet is a VERY bad idea. All that said, I'd suspect that "Digest Auth" uses NT-C\R and therefore NetBIOS and you're probably dropping it (as most other people would.) Hope this helps! Jason [email protected] wrote: > > Hi, > > Anybody knows about this problem? > I need login on an Internet Information Server (Microsoft), and I have > seting up user auth. If I use the single mode on the Int. Inf. Server its > ok, the firewall accepts my user & pass and the IIS accepts too. But If I > use the complex metod (Digest Authentication) on IIS the firewall accepts > my request, but the IIS ask me the user & pass but nothings happend, and > again, and again ask for user & pass. . . > > Best regards, > > Matias Siri > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|