[Samba] Attaching a VOIP appliance
Stefan G. Weichinger
lists at xunil.at
Thu Nov 17 12:35:23 UTC 2022
Am 17.11.22 um 13:08 schrieb Rowland Penny via samba:
>
>
> On 17/11/2022 11:39, Stefan G. Weichinger via samba wrote:
>> I added this for a short test:
>>
>> lm announce = no
>> lanman auth = no
>> ntlm auth = yes
>> client lanman auth = no
>> client ntlmv2 auth = yes
>
> The only one that really needs setting is 'ntlm auth = yes', but there
> is a problem with that, it isn't very secure.
Yes ...
>> recommendations?
>>
>
> Put it back in the box, send it back and find another, more secure PBX.
;-)
> Knowing how loathe companies are to buy things, they probably expect
> this thing to last at least 10 years. Before that time is up, I expect
> there to be nothing mainstream using NTLMv1, mind you, this is just my
> opinion.
I don't want to do it anyway ... the feature isn't that important to
justify such a security weakness.
I just turned NTLMv1 on for a quick A/B test: check if the computer
account password is the problem or not. Now it's off again.
They have to create and use some local user for their PC software (who
knows how unsafe that is ...)
Thanks for the quick reply, Stefan
More information about the samba
mailing list