Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft takes 7 years to 'solve' a problem?!

From: "Charles Morris" <cmorris () cs odu edu>
Date: Tue, 25 Nov 2008 11:15:43 -0500
<snip>
On Tue, Nov 25, 2008 at 10:51 AM, Memisyazici, Aras <arasm () vt edu> wrote:

<snip>
M$ should just bite the incompatibility bullet and turn NTLM off - that's been an option for users, theoretically 
speaking, since about the time Windows Kerberos support became mature, and practically speaking, nobody seems to be 
turning NTLM off here in the real world.
</snip>

Err... Have ya' ever attended 'any' sec. conf. in the past 6 years?? If so, you'd see recommendation #1 has always 
been:

*) refuse LM & NTLM, accept NTLMv2 only


</snip>

In reality, every machine I've ever built here at ODU (production
included) has had NTLM turned off.

No complaints yet.

-- 
Charles Morris
       cmorris () cs odu edu,
       cmorris () occs odu edu

Network Security Administrator,
Software Developer

Office of Computing and Communications Services,
CS Systems Group              Old Dominion University
http://www.cs.odu.edu/~cmorris

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: