Samba4 NTLMv2 negotiation
waider at waider.ie
Tue Jun 28 00:05:17 GMT 2005
On June 28, abartlet at samba.org said:
> A different kettle of fish however is the NTLM2 modified response (part
> of NTLM2 session security), where in NTLMSSP we negotiate not to send
> the LM password, and to send a client challenge to make up part of the
> otherwise unmodified NTLM response.
Do shoot me down if I'm wrong here, but wasn't there a third issue
mentioned not so long ago in the context of "negotiating down"
protocols whereby you're essentially undermining security measures
that may have been intentionally put in place by the domain admin?
Waider. Yes, still attempting to contribute validly amid the bad jokes.
waider at waider.ie / Yes, it /is/ very personal of me.
"You know, i don't think coffee's measured in pints at all. it's measured in
Small, Medium, Large, Fat American, and Reserve Tank." - AjD
More information about the samba-technical