[Info-vax] SAMBA and Ransomeware
Arne Vajhøj
arne at vajhoej.dk
Mon Jul 17 21:43:37 EDT 2017
On 7/17/2017 9:35 PM, Craig A. Berry wrote:
> On 7/17/17 5:52 PM, Scott Dorsey wrote:
>> Craig A. Berry <craig.a.berry at gmail.com> wrote:
>>> On Monday, July 17, 2017 at 3:52:02 PM UTC-5, Scott Dorsey wrote:
>>>> Michael Moroney <moroney at world.std.spaamtrap.com> wrote:
>>>>> Naive question: Are the protocols fundamentally broken, security
>>>>> wise, or,
>>>>> in theory, could a good VMS programmer given the SMBx spec and no
>>>>> existing
>>>>> code as a bad example, write a secure SAMBA implementation from
>>>>> scratch?
>>>>
>>>> Unknown, since nobody has actually seen the SMB spec outside of
>>>> Microsoft,
>>>> and SAMBA exists entirely due to reverse-engineering of the protocol.
>>>
>>> So you're quite sure no one outside of Microsoft has read any of the
>>> following documents?
>>>
>>> <http://www.snia.org/sites/default/education/tutorials/2012/fall/file/JoseBarreto_SMB3_Remote_File_Protocol_revision.pdf>
>>>
> >
>> Oh, I have read that. It's a _lot_ more detailed than the previous
>> specs,
>> but I wouldn't call it anywhere NEAR a complete protocol spec.
>
> Those are just slides from a presentation. The links that you snipped,
> such as this one:
>
> <https://msdn.microsoft.com/en-us/library/cc246482.aspx>
>
> comprise hundreds of pages detailing data structure layouts, event and
> response sequences, and so on. What would a complete protocol spec have
> that isn't there?
Some people don't want to let boring things like facts get in the way
of some MS bashing.
:-)
Arne
More information about the Info-vax
mailing list