Security Basics mailing list archives
LM and NTLM Hashes
From: Flavio Braga <flaviobs () uol com br>
Date: Tue, 06 Sep 2005 13:56:06 -0300
Hi all!I have a question about LM and NTLM hashes. Hope someone will have something to say.
Sorry about my ignorance. I was testing Cain & Abel in my network. I did run the sniffer for some time, and so I sent the captured packets to the cracker. Some documentation says that LM and NTLM hashes have 16 bytes. But only a few packets have identified 16 bytes long hashes. The program lists all the other packets with 24 bytes
long hashes in the same columns as LM & NTLM.My question is: what kind of hashes are them? And another one. Does it mean that LM & NTLM are not the only way to authenticate users? We don't have Kerberos in the network. I saw that pop3 clients send passwords in text mode. Is there any way to protect passwords from email clients? Or the users have to access emails from
webmails? Thank you for any help. Flavio
Current thread:
- LM and NTLM Hashes Flavio Braga (Sep 06)
- <Possible follow-ups>
- RE: LM and NTLM Hashes Roger A. Grimes (Sep 08)
- RE: LM and NTLM Hashes Roger A. Grimes (Sep 09)