Ntlm

Preview:

Click to see full reader

Citation preview

Windows New Technology

LAN Manager

NTLM Protocol

NTLM is a mechanism for

authentication.

Can prove identities without sending a

password to the server.

NTLM has a ‘Hash Security’ issue

How it works

NTLM has three messages:

Type 1:

Negotiation

Type 2:

Challenge

Type 3:

Authentication

LM Hash Security Issue

Not a true one-way function

Passwords longer than 7 characters

are divided into 2 pieces. Each piece

is hashed separately.

All lowercase passwords are

changed to uppercase before

hashed, making it easier to crack.

LM Hash Security Issue:

Doesn’t use cryptographic salt –

Ophcrack can crack LM encryption.

Implementation – change only when

user changes password.

Brute force attacks can be cracked

in hours.

NTLM Replaced by

KerberosNTLM has been replaced by Kerberos.

Kerberos is the most secure authentication and

best choice for Microsoft SharePoint Server.

Recommended

Configuring NTLM Authentication for URL Filtering and Browsing
Documents
[MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocolpirate-network.com/data/Windows_Server_Protocols/[MS-NLMP].pdf · NT LAN Manager (NTLM) Authentication Protocol Intellectual
Documents
· Web viewIf NTLM is supported, the server includes the word "NTLM" in the list. The messages involved are formally described in section 2.2. 1.8 Vendor-Extensible Fields The NTLM
Documents
interoperability.blob.core.windows.net · Web viewIf NTLM is supported, the server will list the word "AUTH=NTLM" in the list. The messages involved are formally described in other
Documents
winprotocoldoc.blob.core.windows.net · Web view[MS-SMTPNTLM]: NT LAN Manager (NTLM) Authentication: Simple Mail Transfer Protocol (SMTP) Extension. Intellectual Property Rights Notice
Documents
[MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol€¦ · NT LAN Manager (NTLM) Authentication Protocol Intellectual Property Rights Notice for Open Specifications Documentation
Documents
[MS-NLMP-Diff]: NT LAN Manager (NTLM) Authentication Protocol€¦ · NT LAN Manager (NTLM) Authentication Protocol Intellectual Property Rights Notice for Open Specifications Documentation
Documents
winprotocoldoc.blob.core.windows.netMS-NLM…  · Web view[MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol. Intellectual Property Rights Notice for Open Specifications Documentation
Documents
Ntlm Unsafe
Technology
Session Code: SIA402. Overview Kerberos Overview How Kerberos Authenticates: Tickets to Paradise Making Sure You Use Kerberos… Not NTLM Cranking Up Kerberos:
Documents
interoperability.blob.core.windows.net...  · Web viewThe client discovers whether the server supports NTLM authentication by sending the IMAP4 CAPABILITY command, as described in
Documents
Introduction - Microsoft...  · Web viewThis protocol documentation is covered by Microsoft copyrights. ... among which authentication mechanisms are listed. If NTLM is supported,
Documents
Windows NTLM SSO weak. . . soooo weak.grutz.jingojango.net/presentations/NTLM SSO - DeepSec08.pdf · 2016-04-19 · grutz @ jingojango.net NTLM SSO Slide # Windows (NTLM) Authentication
Documents
winprotocoldoc.blob.core.windows.net... · Web viewThe server responds with a list of supported authentication mechanisms. If NTLM is supported, the server will include the word "NTLM"
Documents
The NTLM family cons
Documents
Microsoft...  · Web viewNone of the flags specified in [MS-NLMP] section 3.1.1 are specific to NTLM. The following is a description of how POP3 uses NTLM. All NTLM messages are
Documents
[MS-APDS]: Authentication Protocol Domain Support · Security (TLS), and Digest authentication. APDS is used by NT LAN Manager (NTLM) and the APDS is used by NT LAN Manager (NTLM)
Documents
Kerberos, NTLM and LM-Hash
Technology
[MS-POP3]: NT LAN Manager (NTLM) Authentication: Post ......Note For the purposes of this document, the NT LAN Manager (NTLM) Authentication: Post Office Protocol–Version 3 (POP3)
Documents
Introduction - Windows Web viewThe NT LAN Manager (NTLM) Authentication Protocol is used in Windows for authentication between clients and servers
Documents