Can samba mitigate the vulnerability of NT hashes?

Christopher R. Hertel crh at samba.org
Wed Jan 9 14:29:05 MST 2013


Dave,

There is information in my book about the settings used to force LMv2/NTLMv2 
authentication.  Note that there is no negotiation, so the client in 
particular has to be configured to disallow v1.

NTLMv2 is partially described in my book.  I included all of the information 
we had at the time (more than 10 years ago now).  One thing to note is that 
non-extended SMB1 authentication uses two responses, not just one.

With LMv1/NTLMv1, both the LM response and the NTLM response are 24 bytes 
long.  This is important, because some versions of Windows would only read 
24 bytes even if the length field indicated a different length.

The NTLMv2 response is more than 24 bytes long, so the LMv2 response was 
created so that servers that had the hard-coded 24 byte limit would still 
work.  LMv2 (like NTLMv2) uses a dual-challenge mechanism.  Both the client 
and the server generate challenges.  The client challenge is included in the 
LMv2 response (the last 8 bytes, I think).

In theory...  A new challenge/response mechanism could be created and added 
to both Samba and the Linux CIFS client.  It would be incompatible with 
existing mechanisms and clients that implemented the mechanism would only be 
able to authenticate to servers or domains that also implemented the 
mechanism.  As with NT/LMv1 vs. v2, there would be no negotiation, just 
settings on both ends that would allow them to use the new auth mechanism.

I'm not saying that's a good idea, just that it could be done.

:)

Chris -)-----

On 01/09/2013 09:40 AM, David Collier-Brown wrote:
> Cool: you guys are solving Windows problems before they are even
> discovered (:-))
>
> I've forwarded Laurent's comment to Slashdot, and suggested folks there
> consider setting up a virtual server using v2 to migrate unbroken
> services to.  Are there many things (some older IEs, for example) that
> break with v2? It might be nice to default to the most modern setting
> one can...
>
> --dave
>
> On 01/09/2013 09:55 AM, laurent gaffie wrote:
>> Hi Dave,
>>
>> See :
>> http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#NTLMAUTH
>>
>> Also, forcing NTLMv2 authentication won't stop offline cracking attacks
>> if you don't use strong passwords.
>>
>> Regards,
>>
>> 2013/1/9 David Collier-Brown <davec-b at rogers.com
>> <mailto:davec-b at rogers.com>>
>>
>>      Slashdot was all a-twitter about Mark Gamache's tutorial on breaking
>>      NTLM hashes (see
>>      http://markgamache.blogspot.com/2013/01/ntlm-challenge-response-is-100-broken.html)
>>
>>      I know we have long supported NTLMv2, but does the protocol allow a
>>      Samba server to convince a client to *only* use NTLMv2, the version that
>>      is not susceptible to this particular attack?
>>
>>      If so that would be A Kind Thing to do for the community...
>>
>>      --dave
>>      --
>>      David Collier-Brown,         | Always do right. This will gratify
>>      System Programmer and Author | some people and astonish the rest
>>      davecb at spamcop.net <mailto:davecb at spamcop.net>           |
>>                 -- Mark Twain
>>      (416) 223-8968 <tel:%28416%29%20223-8968>
>>
>>
>
>

-- 
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org
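As an added example (not from Chris's message, his book, or the Samba code base), the Python below reconstructs the LMv2 and NTLMv2 response calculations as documented in MS-NLMP, using that specification's published sample inputs ("User"/"Domain"/"Password" and the fixed challenges) as constructed test data rather than any real account. It illustrates the size point made above: the LMv2 response is exactly 24 bytes and its last 8 bytes are the client challenge, while the NTLMv2 response is longer because it carries a timestamp and AV-pair blob. A pure-Python MD4 is included because `hashlib` md4 is missing on many OpenSSL 3 builds; the `filetime_now` helper and `demo` function are this example's own names.

```python
"""NTLMv2 / LMv2 response construction per MS-NLMP (added illustration, not Samba code)."""
import hashlib
import hmac
import struct
import time


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320); hashlib's md4 is often absent on OpenSSL 3 builds."""
    mask = 0xFFFFFFFF

    def rotl(x, n):
        return ((x << n) | (x >> (32 - n))) & mask

    def f(x, y, z):
        return (x & y) | (~x & z)

    def g(x, y, z):
        return (x & y) | (x & z) | (y & z)

    def h(x, y, z):
        return x ^ y ^ z

    # Padding: 0x80, zeros to 56 mod 64, then the 64-bit little-endian bit length.
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", len(data) * 8)
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    rounds = (
        (f, 0x00000000, range(16), (3, 7, 11, 19)),
        (g, 0x5A827999, (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13)),
        (h, 0x6ED9EBA1, (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15)),
    )
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = state
        for func, const, order, shifts in rounds:
            for i, k in enumerate(order):
                # Each step updates one register, then the roles rotate (ABCD -> DABC ...).
                a, d, c, b = d, c, b, rotl((a + func(b, c, d) + x[k] + const) & mask, shifts[i % 4])
        state = [(s + v) & mask for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state)


def nt_hash(password: str) -> bytes:
    """NTOWFv1: MD4 over the UTF-16LE password (the 'NT hash' the thread is about)."""
    return md4(password.encode("utf-16-le"))


def ntlmv2_hash(password: str, user: str, domain: str) -> bytes:
    """NTOWFv2: HMAC-MD5 keyed with the NT hash over UPPER(user) + domain, UTF-16LE."""
    msg = (user.upper() + domain).encode("utf-16-le")
    return hmac.new(nt_hash(password), msg, hashlib.md5).digest()


def lmv2_response(v2_hash: bytes, server_challenge: bytes, client_challenge: bytes) -> bytes:
    """LMv2: 16-byte HMAC-MD5 over server||client challenge, then the 8-byte client challenge.

    Total is 24 bytes, which is why it fits servers that hard-code the v1 response length."""
    proof = hmac.new(v2_hash, server_challenge + client_challenge, hashlib.md5).digest()
    return proof + client_challenge


def av_pair(av_id: int, value: str) -> bytes:
    """One AV_PAIR: little-endian AvId, AvLen, then the UTF-16LE value."""
    raw = value.encode("utf-16-le")
    return struct.pack("<HH", av_id, len(raw)) + raw


def filetime_now() -> int:
    """Windows FILETIME: 100 ns ticks since 1601-01-01, as NTLMv2 expects in the blob."""
    return int((time.time() + 11644473600) * 10_000_000)


def ntlmv2_response(v2_hash: bytes, server_challenge: bytes, client_challenge: bytes,
                    timestamp: int, av_pairs: bytes) -> bytes:
    """NTLMv2: HMAC-MD5 over server challenge || temp, followed by temp itself (well over 24 bytes)."""
    temp = (b"\x01\x01" + b"\x00" * 6 + struct.pack("<Q", timestamp)
            + client_challenge + b"\x00" * 4 + av_pairs + b"\x00" * 4)
    proof = hmac.new(v2_hash, server_challenge + temp, hashlib.md5).digest()
    return proof + temp


def demo(timestamp: int = 0) -> dict:
    """Run both calculations on the MS-NLMP sample inputs (constructed data, not a real account)."""
    server = bytes.fromhex("0123456789abcdef")   # spec's fixed server challenge
    client = bytes.fromhex("aa" * 8)             # spec's fixed client challenge
    v2 = ntlmv2_hash("Password", "User", "Domain")
    lm = lmv2_response(v2, server, client)
    av = av_pair(0x0002, "Domain") + av_pair(0x0001, "Server") + b"\x00" * 4  # ends with MsvAvEOL
    nt = ntlmv2_response(v2, server, client, timestamp, av)
    return {"lmv2": lm, "ntlmv2": nt, "client_challenge_trailing": lm[-8:] == client}


if __name__ == "__main__":
    r = demo()
    print("LMv2   :", len(r["lmv2"]), "bytes, client challenge last:", r["client_challenge_trailing"])
    print("NTLMv2 :", len(r["ntlmv2"]), "bytes")
```

Both responses derive from the same NTOWFv2 key, so a client that emits the 24-byte LMv2 response for an old server is still doing a v2 computation; whether a Samba server accepts or refuses the v1 forms is governed by the smb.conf options linked earlier in the thread, not negotiated on the wire.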