Disabling LM authentication
Mayers, Philip J
p.mayers at ic.ac.uk
Tue Nov 28 14:00:18 GMT 2000
Win2K does it as a client setting "Don't send LM hash", "Don't sent NTLMv1
hash"
Regards,
Phil
+----------------------------------+
| Phil Mayers, Network Support |
| Centre for Computing Services |
| Imperial College |
+----------------------------------+
-----Original Message-----
From: David Collier-Brown [mailto:David.Collier-Brown at canada.sun.com]
Sent: 28 November 2000 12:39
To: Gerald Carter
Cc: Steve Langasek; samba-technical at samba.org
Subject: Re: Disabling LM authentication
Gerald Carter wrote:
> I never said it was perfect. :-) It only addresses
> the brute forcing of lanman passwords in the event that
> somone gets you smbpasswd file.
>
> In the light of this I can see where DCB's patch would
> be useful now. I'll talk to Jeremy and stick it in.
However, subsequent discussion shows
that it won't really help this case...
We need a specific "no lanman hashes" mechanism
that doesn't break clients. Anyone care to
suggest a good way to do that?
--dave
--
David Collier-Brown, | Always do right. This will gratify some people
185 Ellerslie Ave., | and astonish the rest. -- Mark Twain
Willowdale, Ontario | //www.oreilly.com/catalog/samba/author.html
Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at canada.sun.com
More information about the samba-technical
mailing list