|
Post by tonystrak on Dec 28, 2017 5:43:04 GMT -5
Hi, I have a question i could not find an answer in documentation. I will open wireshark later on to validate my assumption, but maybe someone here is familiar with the flow. When a client machine create SMB session and connect to server, the server then communicate with DC to validate the credentials sent are good. The response message from server to client, includes the hostname of the server. Who fills the hostname in the response message from server to client ? does the DC uses DNS/Netbios to resolve the server IP to hostname, or the server fill it (since he knows he's host.. he is the hostname itself)The client offers up its name, meaning that it could lie. If certain signing and sealing (encryption) option are turned on, the host info can be important for mutual authentication. Thanks! For more details: Company Overview Video
|
|