Penetration Testing mailing list archives
RE: Passwords with Lan Manager (LM) under Windows
From: "Craig Wright" <cwright () bdosyd com au>
Date: Thu, 22 Sep 2005 19:40:51 +1000
Hi And what I said the first time was IPSec with Kerberos. A security association between two devices is set up by the AH protocol Security Associations: A Security Association (SA) is a set of security information that describes a particular kind of secure connection between one device and another. You can consider it a "contract", if you will, that specifies the particular security mechanisms that are used for secure communications between the two. A device's security associations are contained in its Security Association Database (SAD) authenticate // (say aw'thentuhkayt) verb (t) (authenticated; authenticating) 1. to make authoritative or valid. 2. to establish as genuine. --authenticable // (say aw'thentikuhbuhl), adjective --authentication // (say aw.thentuh'kayshuhn), noun --authenticator, noun http://www.ietf.org/rfc/rfc2401.txt (RFCs 2401,2402,2406,2408,2409 all cover this) Goals/Objectives/Requirements/Problem Description IPsec is designed to provide interoperable, high quality, cryptographically-based security for IPv4 and IPv6. The set of security services offered includes access control, connectionless integrity, data origin authentication, protection against replays (a form of partial sequence integrity), confidentiality (encryption), and limited traffic flow confidentiality. These services are provided at the IP layer, offering protection for IP and/or upper layer protocols Please note that this is NOT out of context and that a goal of IPSec **IS** "data origin authentication" And not to just google a few areas http://www.microsoft.com/windows2000/techinfo/planning/security/ipsecsteps.asp Internet Protocol Security (IPSec) provides application-transparent encryption services for IP network traffic as well as other network access protections for the Windows 2000 operating system. and Using Internet Protocol Security (IPSec), you can provide data privacy, integrity, authenticity, and anti-replay protection for network traffic in the following scenarios: * Provide for end-to-end security from client-to-server, server-to-server, and client-to-client using IPSec transport mode. * Secure remote access from client-to-gateway over the Internet using Layer Two Tunneling Protocol (L2TP) secured by IPSec. Yes there are 2 senarios - L2TP is ONE of them. I was and am refering to point 1. "IPSec provides secure gateway-to-gateway connections across outsourced private wide area network (WAN) or Internet-based connections using L2TP/IPSec tunnels or pure IPSec tunnel mode. IPSec tunnel mode is not designed to be used for virtual private network (VPN) remote access. The Windows 2000 Server operating system simplifies deployment and management of network security with Windows 2000 IP Security, a robust implementation of IP Security (IPSec). Designed by the Internet Engineering Task Force (IETF) as the security architecture for the Internet Protocol (IP), IPSec defines IP packet formats and related infrastructure to provide end-to-end strong authentication, integrity, anti-replay, and (optionally) confidentiality for network traffic. An on-demand security negotiation and automatic key management service is also provided using the IETF-defined Internet Key Exchange (IKE), RFC 2409. IPSec and related services in Windows 2000 have been jointly developed by Microsoft and Cisco Systems, Inc." Again please note "to provide end-to-end strong authentication" If you prefer a source other than the IEFT or MSFT http://www.windowsecurity.com/articles/Securing_Data_in_Transit_with_IPSec.html "What IPSec Does IPSec is designed to provide authentication (verification of the identity of the sender), integrity (assurance that the data was not changed in transit) and confidentiality (encryption of the data so that it can’t be read by anyone who doesn’t have the correct key)." As for "article you reference does indeed use the phrase "IPSec Authentication," but as any who reads it will see, the term is used to describe the higher level protocol deployment; a higher level protocol that has, as I said before, 3 authentication mechanisms available to establish a connection. Here's the article that should be referenced:" Well actually - the article ***I*** used is above and referenced. I also used http://support.microsoft.com/Default.aspx?kbid=253169 http://support.microsoft.com/support/kb/articles/Q254/9/49.ASP http://support.microsoft.com/Default.aspx?kbid=254949 http://www.securityfocus.com/infocus/1526 http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.mspx http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/d3e4d311-32eb-4954-9cd8-6d03e4d63e53.mspx http://www.windowsitpro.com/WindowsSecurity/Article/ArticleID/25730/25730.html and a few RFC's - to which for the record - I prefer altavista over google. "Using IPSec to Lock Down a Server" from the above list is old but goode Please if you wish to have have me take something off the list, Please ask off the list Craig -----Original Message----- From: Thor (Hammer of God) [mailto:thor () hammerofgod com] Sent: Thu 22/09/2005 5:54 PM To: Craig Wright; pand0ra.usa () gmail com; pen-test () securityfocus com Cc: Subject: Re: Passwords with Lan Manager (LM) under Windows I saw this one first, so I go top-down (It's getting late for me, so I'll get right to it.) First off-- don't just Google for it and reference a single article with out-of-context "cut and paste" elements from: http://www.microsoft.com/technet/itsolutions/cits/mo/smf/smfsecad.mspx You quote: "advisable to make IPsec-based authentication a part of the authentication process" The actual text reads: "As mentioned earlier, L2TP relies on other protocols for its security. L2TP authentication is best for the exchange of packets between the LAC and the LNS. Therefore, it is advisable to make IPSec-based authentication a part of L2TP." Other quotes are similar.. My original post was to content regarding actual authentication protocol mechanisms like LM, NTLM, NTLMv2 and Kerberos. The article you reference does indeed use the phrase "IPSec Authentication," but as any who reads it will see, the term is used to describe the higher level protocol deployment; a higher level protocol that has, as I said before, 3 authentication mechanisms available to establish a connection. Here's the article that should be referenced: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/be7540ff-2a1d-47b4-8e7f-501ec692ad11.mspx The relevant text being: <meat> Overview of authentication methods: For authentication, IPSec allows you to use the Kerberos V5 protocol, certificate-based authentication, or preshared key authentication. </meat> Which is what I said the first time. And not to be blunt, but your previous post describing the IPSec channel setup of "system" and "client" is just wrong... the above link has many other references that will help you understand how IPSec Policies and component filters and actions work. The "2 parts" are the default negotiation, and the subsequent filter definitions. Both of which still require a PSK, Kerberos auth, or cert to be established. The data is all right there if you want to check it out-- I don't see any reason to argue about it, and it's all right there in the documentation... If you want to discuss this off-list, (in a constructive way) I'm happy to do so, but I think we're done on the list... (except for my last response to the first message- then I'm hitting the sack ;) t ----- Original Message ----- From: "Craig Wright" <cwright () bdosyd com au> To: "Thor (Hammer of God)" <thor () hammerofgod com>; <pand0ra.usa () gmail com>; <pen-test () securityfocus com> Sent: Thursday, September 22, 2005 12:01 AM Subject: RE: Passwords with Lan Manager (LM) under Windows PPPS To drop a quote from Technet (Microsoft Corporation) "IPsec based Authentication and integrity" and "Initial security proposals involve using IPsec-based authentication" "advisable to make IPsec-based authentication a part of the authentication process" "IPsec-based authentication is recommended" To quote the "rmt-pi" working party from the IETF "provided using IPsec-based authentication at the network layer" "I'd have to say that there is no such thing..." - Please inform MSFT - they seem to think there is Craig -----Original Message----- From: Thor (Hammer of God) [mailto:thor () hammerofgod com] Sent: 22 September 2005 3:46 To: Craig Wright; pand0ra.usa () gmail com; pen-test () securityfocus com Subject: Re: Passwords with Lan Manager (LM) under Windows Well, that's an issue with the client, not NTLMv2. NTLMv2 is tight. LM sucks- that's obvious (and it was IBM, not MS that gave us that one.) And yes, you can use precomputed tables against NTLM hashes, but not against NTLMv2... The NTLM hash is keyed off of the password, but NTLMv2 hashes up the password with the user's domain/user data when generating the key... You can't precompile that data into a rainbow, you know? Regarding the "IPsec based auth" reference (here I go again), I'd have to say that there is no such thing... IPSec negotiation in Windows can be based on one of three mechanisms: A pre-shared key, Kerberos, or a cert-- it is not an authentication protocol in itself... (the cert being the strongest IMO). t ----- Original Message ----- From: "Craig Wright" <cwright () bdosyd com au> To: "Thor (Hammer of God)" <thor () hammerofgod com>; <pand0ra.usa () gmail com>; <pen-test () securityfocus com> Sent: Wednesday, September 21, 2005 10:05 PM Subject: RE: Passwords with Lan Manager (LM) under Windows Further to the last post There are a number of issues with NTLMv2 and legacy applications such as Windows RAS that cause lower levels of authentication I still say that Kerberos or IPsec based auth is the best policy in windows. LanMan, NTLMv1 or V2 are vulnerable. Precomputed tables may have been uncommon 12 months ago - but that was then and this is now. Cain & Abel will use sorted Rainbow Tables for Cryptanalysis attacks Craig -----Original Message----- From: Thor (Hammer of God) [mailto:thor () hammerofgod com] Sent: 22 September 2005 12:00 To: Craig Wright; pand0ra.usa () gmail com; pen-test () securityfocus com Subject: Re: Passwords with Lan Manager (LM) under Windows ----- Original Message ----- From: "Craig Wright" <cwright () bdosyd com au> To: <pand0ra.usa () gmail com>; <pen-test () securityfocus com> Sent: Wednesday, September 21, 2005 12:32 PM Subject: RE: Passwords with Lan Manager (LM) under Windows
Even NTLMv2 will break the hashing into chunks which are able to be individually broken down.
I'm not sure what you mean... NTLMv2 uses a single 128bit key for the hash, challenge and response... Or are you referring to the NTLM2 session response key (56+56+16)? If so, that is not the same thing as NTLMv2... Can you elaborate please ? t
Current thread:
- RE: Passwords with Lan Manager (LM) under Windows, (continued)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows Thor (Hammer of God) (Sep 22)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)
- Re: Passwords with Lan Manager (LM) under Windows philippe . nospam . oechslin (Sep 23)
- Re: Passwords with Lan Manager (LM) under Windows Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Sep 24)
- RE: Passwords with Lan Manager (LM) under Windows Craig Wright (Sep 22)