Can samba mitigate the vulnerability of NT hashes?
David Collier-Brown
davec-b at rogers.com
Wed Jan 9 15:47:54 MST 2013
On 01/09/2013 04:29 PM, Christopher R. Hertel wrote:
> Dave,
>
> There is information in my book about the settings used to force
> LMv2/NTLMv2 authentication. Note that there is no negotiation, so the
> client in particular has to be configured to disallow v1.
Bother! I was really rather hoping that we could offer only the "good
NTLMs" in a negotiation and thereby have the older clients behave securely.
Ah well, let us hope the MS sends a patch to make XP clients prefer the
more secure approach.
Thanks, Chris!
--dave (once more, a fact slays a wonderful, but incorrect, theory) c-b
--
David Collier-Brown, | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb at spamcop.net | -- Mark Twain
(416) 223-8968
More information about the samba-technical
mailing list