timestamp use in Microsoft NTLM (v2) - c++

I`m working on custom implementing of NTLM and NTLMv2 protocol for authorization on Lync (Skype for business) server. While reading the offical specification and http://davenport.sourceforge.net/ntlm.html I have got several questions which I cant find answer on. One of them is following:
The question is about NTLMv2 responce (especially the blob). It says that blob should contain timestamp
since January 1, 1601
. What is this for? How does it ensure security if the server doesnt know my local time. Or maybe I should use timestamp provided in type 2 message by server?

Incomplete answer, but I haven't better for now
Or maybe I should use timestamp provided in type 2 message by server?
Yes. As said in the documentation linked above in my comment MS-NLMP
If NTLM v2 authentication is used, the client SHOULD send the timestamp in the
CHALLENGE_MESSAGE.<47>
If there exists a CHALLENGE_MESSAGE.TargetInfo.AvId ==
MsvAvTimestamp
Set Time to CHALLENGE_MESSAGE.TargetInfo.Value of that AVPair
Else
Set Time to Currenttime
Endif

Related

How to send post from Zapier python in less than 1.00 seconds?

Is there a way to send a POST from a "Code by Zapier" Zap to MailChimp to add a subscriber to a list and have it reliably complete in less than 1.00 second?
I spent the weekend at a volunteer hackathon for non-profit organizations. My non-profit client needs some data parsed out of an email and used to add a subscriber to a list in MailChimp (the Commerce portion of SquareSpace emails the data but doesn't allow setting storage on the purchase form to MailChimp -- even though that works in SquareSpace if you're not in the Commerce area). We found we could do that with Zapier -- except we ran up to the limits of what one can do with a free account on Zapier and the non-profit couldn't purchase a paid account right now (the Zapier discount for non-profits is a 15% reduction).
The first limitation was we couldn't do a 3-step zap (maximum 2 steps for free accounts) to go from (1) a Gmail trigger to (2) "Code by Zapier" to parse the email contents and then (3) to MailChimp. The workaround we came up with was to delete step #3 and send to MailChimp directly via http POST to the MailChimp API from a Python script in "Code by Zapier". This worked in test mode in Zapier.
But once the Zap was turned on and we ran an end-to-end test with the site, the Zap failed. There is a 1.00 second runtime limitation to free Zaps: after that Zapier kills the job. The POST to MailChimp took long enough that the Zap timed out.
I used "Code by Zapier" with Python to send the post. They use Python 2.7.10. I was able to import requests to do the post, and I found several other modules worked too, such as json, httplib, and urllib.
What I'm wondering is whether there's a way to get the POST to happen reliably in under 1 second. For example, is there a way to use an async send and then not wait for the response. And I'm constrained to Python 2.7.10 and the Zapier environment. Zapier also allows JavaScript as an alternative to Python, so that might be another path to investigate if there's no solution in Python.
David here, from the Zapier Platform team.
I can't speak to the speed of Python specifically, but I know that javascript can fire off requests without waiting for a response. We've got a basic example here, which you'd modify to send the request and the immediately end execution (by calling the callback function). This won't be a great experience because errors will happen silently, but it'll almost certainly fit in the 1 second window.
Separately, the whole python stdlib is available, as well as the requests module (docs)

REST - Get updated resource

I working on a service which scrapes specific links from blogs. The service makes calls to different sites which pulls in and stores the data.
I'm having troubles specifying the url for updating the data on the server where I now use the verb update to pull in the latest links.
I currently use the following endpoints:
GET /user/{ID}/links - gets all previously scraped links (few milliseconds)
GET /user/{ID}/links/update - starts scraping and returned the scraped data (few seconds)
What would be a good option for the second url? some examples I came up with myself.
GET /user/{ID}/links?collection=(all|cached|latest)
GET /user/{ID}/links?update=1
GET /user/{ID}/links/latest
GET /user/{ID}/links/new
Using GET to start a process isn't very RESTful. You aren't really GETting information, you're asking the server to process information. You probably want to POST against /user/{ID]/links (a quick Google for PUT vs POST will give you endless reading if you're curious about the finer points there). You'd then have two options:
POST with background process: If using a background process (or queue) you can return a 202 Accepted, indicating that the service has accepted the request and is about to do something. 202 generally indicates that the client shouldn't wait around, which makes sense when performing time dependent actions like scraping. The client can then issue GET requests on the first link to retrieve updates.
Creative use of Last-Modified headers can tell the client when new updates are available. If you want to be super fancy, you can implement HEAD /user/{ID}/links that will return a Last-Modified header without a response body (saving both bandwidth and processing).
POST with direct processing: If you're doing the processing during the request (not a great plan in the grand scheme of things), you can return a 200 OK with a response body containing the updated links.
Subsequent GETs would perform as normal.
More info here
And here
And here

Getting 403 Forbbiden error with Google cloud

We are getting "Forbidden error(403)" while trying to upload data on Google cloud when there is a time skew on my machine i.e. my machine clock is not synchronized/updated with the NTP server.
Why does Google not return the proper error information?
It is very likely that you are setting the "Date" field incorrectly. All (signed) API v1.0 requests must include a "Date" header, and that header must be part of the signature for the request. The Date field must be within 15 minutes of the real clock time that Google's servers receive your request. If your clock is more than 15 minutes skewed, your signed requests will be rejected.
For more, please see the v1.0 API documentation here: https://developers.google.com/storage/docs/reference/v1/developer-guidev1#authentication under the CanonicalHeaders section.
This is also the case with S3. See here: http://aws.amazon.com/articles/1109?_encoding=UTF8&jiveRedirect=1#04

Amazon SES Statistics

I facing some issue related to Amazon SES Statistic ordering, actually my recent sending mail static are in middle of data record it should be at top or lower of the record so what is the reason behind it?
My Question is How i do a simple report status with how much emails returned, invalid emails and emails sent if the "GetSendStatistics" returns a unordered list?
You will need to sort the data yourself, by using the Timestamp field of SendDataPoint. Unfortunately, the list returning from GetSendStatistics is not sorted.
This happens because due to the characteristics and nature of sending e-mail over the Internet, it might take a different amount of time for a server to determine whether a message (or a set of messages) is confirmed to have bounced, or to be delivered for sure. Please refer to this thread at AWS forums for a similar question and some insight into the issue you are facing.

Timestamp of server from a web service call

Is there a way that I can retrieve the timestamp of a web service call? I'm trying to get the time of the server hosting the web service.
Easiest thing to do is to just log them in the server implementation of your service contract, you can use PostSharp to make some attributes to take of this aspect.
For instance, you can write a Trace attribute which simply logs a debug message when a method is invoke. Here's one I wrote a while back which tracks how long a method takes and log a warning message if it takes longer than a set threshold:
http://theburningmonk.com/2010/03/aop-method-execution-time-watcher-with-postsharp/
I came across some 'trace' attribute example before, if you want I can look for it for ya.