Ethereal-dev: [Ethereal-dev] Reassembly of security blob in SMB dissector

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Jean-Baptiste Marchand <Jean-Baptiste.Marchand@xxxxxx>
Date: Mon, 3 Feb 2003 11:51:28 +0100
Hello,

the attached capture shows the establishment of an SMB session,
authenticated with a Kerberos 5 token (extended security mode). 

Because of the token size, the SessionSetupAndX request is carried over
two NBSS messages. Thus, it is not possible to decode the content of the
security blob.

Looking at the SMB dissector options, it seems that fragmentation
reassembly is currently possible for DCE/RPC PDU (carried over SMB
named pipes) and SMB Transact payload command. Does security blob
reassembly would fit in the same category?

I can work on this if nobody else plans to implement it.

Thanks for your help,

Jean-Baptiste Marchand
-- 
Jean-Baptiste.Marchand@xxxxxx
Herv� Schauer Consultants
http://www.hsc.fr/

Attachment: smb_ext_sec_krb5.cap.gz
Description: application/gunzip