Disabling LM authentication

Kevin Colby kevinc at grainsystems.com
Mon Nov 27 20:40:58 GMT 2000


Gerald Carter wrote:
> 
> hmmm....downgrade attacks are server based.  I'm not sure
> what this gains you.  If a client wants to send you
> a list of older protocols, then that's the client's decision.

Perhaps the older protocol in question is itself vulnerable to
other attacks.  The client could demand the old protocol and then
attack that.

This is purely a guess, though.

	- Kevin Colby
	  kevinc at grainsystems.com




More information about the samba-technical mailing list