Can samba mitigate the vulnerability of NT hashes?
laurent gaffie
laurent.gaffie at gmail.com
Wed Jan 9 07:55:48 MST 2013
Hi Dave,
See :
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#NTLMAUTH
Also, forcing NTLMv2 authentication won't stop offline cracking attacks if
you don't use strong passwords.
Regards,
2013/1/9 David Collier-Brown <davec-b at rogers.com>
> Slashdot was all a-twitter about Mark Gamache's tutorial on breaking
> NTLM hashes (see
>
> http://markgamache.blogspot.com/2013/01/ntlm-challenge-response-is-100-broken.html
> )
>
> I know we have long supported NTLMv2, but does the protocol allow a
> Samba server to convince a client to *only* use NTLMv2, the version that
> is not susceptible to this particular attack?
>
> If so that would be A Kind Thing to do for the community...
>
> --dave
> --
> David Collier-Brown, | Always do right. This will gratify
> System Programmer and Author | some people and astonish the rest
> davecb at spamcop.net | -- Mark Twain
> (416) 223-8968
>
More information about the samba-technical
mailing list