| Server IP : 23.254.227.96 / Your IP : 216.73.216.7 Web Server : Apache/2.4.62 (Unix) OpenSSL/1.1.1k System : Linux hwsrv-1277026.hostwindsdns.com 4.18.0-477.13.1.el8_8.x86_64 #1 SMP Tue May 30 14:53:41 EDT 2023 x86_64 User : viralblo ( 1001) PHP Version : 8.1.31 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/share/doc/dovecot/wiki/ |
Upload File : |
NTLM ==== There are four authentication submethods inside the NTLM: 1. LM: server nonce only, highly vulnerable to MITM and rogue server attacks. 2. NTLM: different algorithm, almost equally vulnerable as LM today. 3. NTLM2: server and client nonce, but MITM can force downgrade to NTLM/LM. 4. NTLMv2: server and client nonce, MITM can't force downgrade. NTLM <password scheme> [Authentication.PasswordSchemes.txt] is required for NTLM, NTLM2 and NTLMv2. NTLMv2 can not be negotiated. It must be explicitly enabled on the client side by setting registry key below to at least 3: * Win9x: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompatibility' * WinNT: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompatibilityLevel' Dovecot's NTLM logic is: 1. If we have only LM password scheme, try LM authentication; 2. If client sends LM response only (some very old clients do it), try LM too; 3. If NTLMv2 is guessed (using client response length), try NTLMv2; 4. If NTLM2 was negotiated, try it; 5. Otherwise try NTLM. For more information about NTLM internals, see http://ubiqx.org/cifs/ and http://davenport.sourceforge.net/ntlm.html (This file was created from the wiki on 2019-06-19 12:42)