Can samba mitigate the vulnerability of NT hashes?

laurent gaffie laurent.gaffie at gmail.com
Wed Jan 9 07:55:48 MST 2013


Hi Dave,

See:
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#NTLMAUTH

Also, forcing NTLMv2 authentication won't stop offline cracking attacks if
you don't use strong passwords.

Regards,

2013/1/9 David Collier-Brown <davec-b at rogers.com>

> Slashdot was all a-twitter about Mark Gamache's tutorial on breaking
> NTLM hashes (see
>
> http://markgamache.blogspot.com/2013/01/ntlm-challenge-response-is-100-broken.html
> )
>
> I know we have long supported NTLMv2, but does the protocol allow a
> Samba server to convince a client to *only* use NTLMv2, the version that
> is not susceptible to this particular attack?
>
> If so that would be A Kind Thing to do for the community...
>
> --dave
> --
> David Collier-Brown,         | Always do right. This will gratify
> System Programmer and Author | some people and astonish the rest
> davecb at spamcop.net           |                      -- Mark Twain
> (416) 223-8968
>
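
Added example, not part of the original thread and not Samba's own code: a small Python check of an smb.conf [global] section for the `ntlm auth` setting the reply links to. It assumes the Samba 3.x defaults (ntlm auth = yes, lanman auth = no) and that only NTLMv2 logins are permitted when both `ntlm auth` and `lanman auth` are disabled, as the linked smb.conf(5) page describes; the function names and sample configs are constructed for illustration.

```python
import re

# Assumed defaults, taken from the Samba 3.x smb.conf(5) page linked in the reply.
DEFAULTS = {"ntlmauth": True, "lanmanauth": False}
TRUE = {"yes", "true", "on", "1"}
FALSE = {"no", "false", "off", "0"}

def _key(name):
    # smb.conf parameter names ignore case and embedded whitespace.
    return re.sub(r"\s+", "", name).lower()

def global_auth_settings(conf_text):
    """Return the effective 'ntlm auth' / 'lanman auth' booleans from [global]."""
    settings = dict(DEFAULTS)
    section = None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue                             # share-level lines are not checked
        name, value = line.split("=", 1)
        name, value = _key(name), value.strip().lower()
        if name in settings:
            if value not in TRUE | FALSE:
                raise ValueError(f"unrecognised boolean for {name}: {value!r}")
            settings[name] = value in TRUE
    return settings

def ntlmv2_only(conf_text):
    """True when the server would accept neither LANMAN nor NTLM (v1) responses."""
    s = global_auth_settings(conf_text)
    return not s["ntlmauth"] and not s["lanmanauth"]

# Constructed sample configurations (not from the thread).
SAMPLE_DEFAULT = "[global]\n    workgroup = EXAMPLE\n"
SAMPLE_HARDENED = ("[global]\n    workgroup = EXAMPLE\n    NTLM Auth = no\n"
                   "    lanman auth = no\n; share section follows\n[data]\n"
                   "    path = /srv/data\n    ntlm auth = yes\n")
SAMPLE_LANMAN = "[global]\n    ntlm auth = no\n    lanman auth = yes\n"

if __name__ == "__main__":
    for label, conf in [("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED),
                        ("lanman on", SAMPLE_LANMAN)]:
        print(f"{label}: NTLMv2 only = {ntlmv2_only(conf)}")
```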


More information about the samba-technical mailing list