Can samba mitigate the vulnerability of NT hashes?
David Collier-Brown
davec-b at rogers.com
Wed Jan 9 08:29:23 MST 2013
Excellent, thanks, Laurent! --dave
On 01/09/2013 09:55 AM, laurent gaffie wrote:
> Hi Dave,
>
> See :
> http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#NTLMAUTH
>
> Also, forcing NTLMv2 authentication won't stop offline cracking attacks
> if you don't use strong passwords.
>
> Regards,
>
> 2013/1/9 David Collier-Brown <davec-b at rogers.com
> <mailto:davec-b at rogers.com>>
>
> Slashdot was all a-twitter about Mark Gamache's tutorial on breaking
> NTLM hashes (see
> http://markgamache.blogspot.com/2013/01/ntlm-challenge-response-is-100-broken.html)
>
> I know we have long supported NTLMv2, but does the protocol allow a
> Samba server to convince a client to *only* use NTLMv2, the version that
> is not susceptible to this particular attack?
>
> If so that would be A Kind Thing to do for the community...
>
> --dave
> --
> David Collier-Brown, | Always do right. This will gratify
> System Programmer and Author | some people and astonish the rest
> davecb at spamcop.net <mailto:davecb at spamcop.net> |
> -- Mark Twain
> (416) 223-8968 <tel:%28416%29%20223-8968>
>
>
--
David Collier-Brown, | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb at spamcop.net | -- Mark Twain
(416) 223-8968
More information about the samba-technical
mailing list