I'm not too sure what you mean by "Digest Authentication". I'm running
IIS 4.0 on SP6a, and I have:
1) Anonymous
2) HTTP Basic Authentication
3) NT Challenge Response
I can tell you that the way those work is:
1) Anonymous doesn't require any authentication
2) HTTP Basic Authentication sends user\passwords over HTTP in Base64
encoded format (close to clear text which is *trivially* crackable)
3) NT-C\R *Requires* NetBIOS (a.k.a NBT or TCP/UDP ports 135, 137, 138 &
139)
In my experience, passing NetBIOS information over the Internet is a
VERY bad idea. All that said, I'd suspect that "Digest Auth" uses
NT-C\R and therefore NetBIOS and you're probably dropping it (as most
other people would.) Hope this helps!
Jason
[EMAIL PROTECTED] wrote:
>
> Hi,
>
> Anybody knows about this problem?
> I need login on an Internet Information Server (Microsoft), and I have
> seting up user auth. If I use the single mode on the Int. Inf. Server its
> ok, the firewall accepts my user & pass and the IIS accepts too. But If I
> use the complex metod (Digest Authentication) on IIS the firewall accepts
> my request, but the IIS ask me the user & pass but nothings happend, and
> again, and again ask for user & pass. . .
>
> Best regards,
>
> Matias Siri
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
