RE: Passwords with Lan Manager (LM) under Windows

From: Craig Wright (cwright@bdosyd.com.au)
Date: Thu Sep 22 2005 - 01:05:58 EDT

• Next message: Craig Wright: "RE: Passwords with Lan Manager (LM) under Windows"
• Previous message: Alvin: "VOIP Security"
• Maybe in reply to: Cedric.Baechler@vtg.admin.ch: "Passwords with Lan Manager (LM) under Windows"
• Next in thread: Thor (Hammer of God): "Re: Passwords with Lan Manager (LM) under Windows"
• Reply: Thor (Hammer of God): "Re: Passwords with Lan Manager (LM) under Windows"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Further to the last post
There are a number of issues with NTLMv2 and legacy applications such as
Windows RAS that cause lower levels of authentication

I still say that Kerberos or IPsec based auth is the best policy in
windows. LanMan, NTLMv1 or V2 are vulnerable.

Precomputed tables may have been uncommon 12 months ago - but that was
then and this is now.

Cain & Abel will use sorted Rainbow Tables for Cryptanalysis attacks

Craig

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
Sent: 22 September 2005 12:00
To: Craig Wright; pand0ra.usa@gmail.com; pen-test@securityfocus.com
Subject: Re: Passwords with Lan Manager (LM) under Windows

----- Original Message -----
From: "Craig Wright" <cwright@bdosyd.com.au>
To: <pand0ra.usa@gmail.com>; <pen-test@securityfocus.com>
Sent: Wednesday, September 21, 2005 12:32 PM
Subject: RE: Passwords with Lan Manager (LM) under Windows

> Even NTLMv2 will break the hashing into chunks which are able to be
> individually broken down.

I'm not sure what you mean... NTLMv2 uses a single 128bit key for the
hash,
challenge and response... Or are you referring to the NTLM2 session
response key (56+56+16)? If so, that is not the same thing as NTLMv2...
Can
you elaborate please ?

t

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Craig Wright: "RE: Passwords with Lan Manager (LM) under Windows"
• Previous message: Alvin: "VOIP Security"
• Maybe in reply to: Cedric.Baechler@vtg.admin.ch: "Passwords with Lan Manager (LM) under Windows"
• Next in thread: Thor (Hammer of God): "Re: Passwords with Lan Manager (LM) under Windows"
• Reply: Thor (Hammer of God): "Re: Passwords with Lan Manager (LM) under Windows"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:59 EDT