Re: [SQU] Paging Robert Collins from Robert Collins on 2000-10-24 (squid-users)

From: Robert Collins <robert.collins@dont-contact.us>
Date: Wed, 25 Oct 2000 08:35:17 +1100

Thanks for the page Michael. I will look into the MX/DNS config.. though I
believe I did receive them
(Tough luck & more datapoints..
A few more comments
no third one, haven't seen it on the list either ?)

Sorry for the lack of response... I have been thinking however...

One of your errors - the SetUpX errir is from your DC, yes.
the problem is getting the DC to reuse the challenge issued before the
comms error. Kinkie is looking into this with Thomas Goebel who has a
similar, more reproducible problem. (Check the list for a patch to
nrtlm/auth/modules/NTLMSSP.)

IE should always start under your windows domain credentials. If it starts
under a local machine account the NTLMSSP will never be able to authenticate
the user as there will be no DC <- local machine trust account

housekeeping as a potential issue? Could be - Kinkie do you want to stick
your oar in here?
(Kinkie has done all the helper programming to date..)

The posible race - it was only present because a pointer was not being
cleared after the helper was released.

question: can we retry again and again?
answer: probably not - if we lose comms with the dc we lose the choice of
challenge. Which we cche for performance reasons (and yes it does increase
the chance of replay attacks)

Rob.

----- Original Message -----
From: "Dr. Michael Weller" <eowmob@exp-math.uni-essen.de>
To: <squid-users@ircache.net>
Sent: Tuesday, October 24, 2000 11:18 PM
Subject: [SQU] Paging Robert Collins

> Hi Robert, hi list.
>
> I send 3 emails to you 22/13:50 23/17:42 23/19:31 my time (and this list)
> w/o any reaction from your side.
>
> Instead these mails are still queued on
> our server and it seems that while name servers for itdomain.com.au can be
> located through DNS and reached, that an MX record cannot be obtained
> making you (and anyone in itdomain.com.au) unreachable by means of email
> (if they don't have locally cached MX records for you).
>
> So, IMHO you should check your DNS configuration and I'd still like to
> know, of course, if you just didn't get my mails (even through the list)
> or if you got them but have no idea what to respond.
>
> Michael.
>
> --
>
> Michael Weller: eowmob@exp-math.uni-essen.de,
eowmob@ms.exp-math.uni-essen.de,
> or even mat42b@spi.power.uni-essen.de. If you encounter an eowmob account
on
> any machine in the net, it's very likely it's me.
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>
>

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

Received on Tue Oct 24 2000 - 15:33:58 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:54 MST