Penetration Testing mailing list archives

Re: Insecure Hash Algorithms (MD5) and NTLMv2

From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Thu, 3 Nov 2005 13:06:00 -0800

----- Original Message -----From: "Ben Nagy" <ben () iagu net>

To: "'Thierry Zoller'" <Thierry () sniff-em com>
Cc: <pen-test () securityfocus com>
Sent: Wednesday, November 02, 2005 5:33 AM
Subject: RE: Insecure Hash Algorithms (MD5) and NTLMv2

Although I often find these kind of link-paste responses amusing, in this
case I think it's rather specious.

Hi Ben-- It was just that sort of "link-paste" response that got this wholethread started. The OP could not substantiate his statements technically,so the responses become concatenated links to other non-substantiatedclaims.

The important thing for readers to walk away with is that Micorosft is *not*"dropping support for NTLMv2" as the OP claimed. Unfortunatedly, Howard'squote of "banning MD5 in future code" was stretched by the OP into"Microsoft drops support for NTLMv2." I wasn't so interested in trying tocorrect the OP, as responses showed he couldn't tell the difference betweennetlogon protocols and IPSec, but rather, I was trying to make sure thatother readers got better information.

While other protocols and components will continue to be developed, NTLMv2will be supported for quite a some time. That's really one of the coolthings about Vista- they are making higher level protocols more modular,allowing customers to plug-in lower-level components to better suit theirneeds.


Thanks.

T


------------------------------------------------------------------------------

Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on yourwebsite. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down servers arefutile against web application hacking. Check your website for vulnerabilitiesto SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at:


http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Re: Insecure Hash Algorithms (MD5) and NTLMv2 Thierry Zoller (Nov 01)
- Re: Insecure Hash Algorithms (MD5) and NTLMv2 Daniel Miessler (Nov 01)
  - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Steve Friedl (Nov 03)
    - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Daniel Miessler (Nov 04)
- RE: Insecure Hash Algorithms (MD5) and NTLMv2 Ben Nagy (Nov 03)
  - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Thor (Hammer of God) (Nov 04)
- <Possible follow-ups>
- RE: Insecure Hash Algorithms (MD5) and NTLMv2 Miguel Dilaj (Nov 01)
  - Re: Insecure Hash Algorithms (MD5) and NTLMv2 Jack Lloyd (Nov 03)