[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!
- To: "Memisyazici, Aras" <arasm@xxxxxx>
- Subject: Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!
- From: "Charles Morris" <cmorris@xxxxxxxxxx>
- Date: Tue, 25 Nov 2008 11:15:43 -0500
<snip>
On Tue, Nov 25, 2008 at 10:51 AM, Memisyazici, Aras <arasm@xxxxxx> wrote:
> <snip>
> M$ should just bite the incompatibility bullet and turn NTLM off - that's
> been an option for users, theoretically speaking, since about the time
> Windows Kerberos support became mature, and practically speaking, nobody
> seems to be turning NTLM off here in the real world.
> </snip>
>
> Err... Have ya' ever attended 'any' sec. conf. in the past 6 years?? If so,
> you'd see recommendation #1 has always been:
>
> *) refuse LM & NTLM, accept NTLMv2 only
>
</snip>
In reality, every machine I've ever built here at ODU (production
included) has had NTLM turned off.
No complaints yet.
--
Charles Morris
cmorris@xxxxxxxxxx,
cmorris@xxxxxxxxxxxx
Network Security Administrator,
Software Developer
Office of Computing and Communications Services,
CS Systems Group Old Dominion University
http://www.cs.odu.edu/~cmorris
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/