Thursday, November 13, 2008

MS08-068 - anti-smbrelay?

Ok, this is kind of a lame post because I'm gonna give you links to posts made by other people, but oh well, I felt like sharing what I'd found and I'm posting links and not reposting anything, so it should be fine :).

I was looking for information about how MS08-068 tried to prevent the smbrelay attack (or "SMB credentials reflection attack" as MS likes to call it) and the best post I found was this one from metasploit's blog:

I also find interesting the following posts:

Anyways, I haven't verified any of the things said in these posts, so "trust, but verify".

1 comment:

Ron said...

For what it's worth, I did my own writeup of the flaw: