On Feb 24, 2008, at 11:21 PM, [EMAIL PROTECTED] wrote:

I'm not sure what NTLM version is used as default by authentication between Outlook and dovecot and I couldn't find it out with a packet sniffer.

I think it's NTLMv2 but I'm not sure so I'm asking here.

I know that NTLMv1 is not secure against a man in the middle.

I didn't write the NTLM code, but as far as I understand it, NTLMv2 is used if both client and server negotiate it. But then again I'd think a MITM could force v1 to be negotiated and then attack that, so it doesn't seem all that secure that way either. Maybe it's prevented in some way.

I think the password hashes also affect this somehow. Maybe NTLM passwords work for v2 and LM passwords for v1?

Maybe Andrey can shed some light on this? :)
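An added example, not part of the original thread and not Dovecot code: one way to tell from a capture which NTLM variant a client actually sent is to base64-decode the final AUTHENTICATE (type 3) token from the mail session and look at the NT response length, using the field layout from the MS-NLMP specification. The function names and the sample tokens are constructed for illustration.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"
EXTENDED_SESSIONSECURITY = 0x00080000  # NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY

def _field(msg, pos):
    """Read a (length, max length, offset) descriptor and return its payload."""
    length, _maxlen, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("field points outside the message")
    return msg[offset:offset + length]

def classify_authenticate(b64_token):
    """Classify a base64 NTLM AUTHENTICATE (type 3) token by its responses."""
    msg = base64.b64decode(b64_token, validate=True)
    if len(msg) < 64 or msg[:8] != SIGNATURE:
        raise ValueError("not an NTLMSSP message")
    if struct.unpack_from("<I", msg, 8)[0] != 3:
        raise ValueError("not an AUTHENTICATE (type 3) message")
    lm_resp, nt_resp = _field(msg, 12), _field(msg, 20)
    flags = struct.unpack_from("<I", msg, 60)[0]
    if len(nt_resp) > 24:
        return "NTLMv2"  # 16-byte proof followed by a variable-length blob
    if len(nt_resp) != 24:
        return "no NT response"
    # NTLM2 session response: LM field is an 8-byte client nonce plus 16 zero bytes
    if flags & EXTENDED_SESSIONSECURITY and lm_resp[8:] == b"\x00" * 16:
        return "NTLMv1 + extended session security"
    return "NTLMv1"

def build_sample(lm_resp, nt_resp, flags):
    """Constructed test token: only the response fields and flags are filled in."""
    header, payload = SIGNATURE + struct.pack("<I", 3), b""
    for data in (lm_resp, nt_resp, b"", b"", b"", b""):
        header += struct.pack("<HHI", len(data), len(data), 64 + len(payload))
        payload += data
    return base64.b64encode(header + struct.pack("<I", flags) + payload).decode()

if __name__ == "__main__":
    v1 = build_sample(b"\x11" * 24, b"\x22" * 24, 0)
    v2 = build_sample(b"\x11" * 24, b"\x33" * 16 + b"\x01\x01" + b"\x00" * 26, 0)
    print(classify_authenticate(v1), "/", classify_authenticate(v2))
```

Logging this classification per account on the server side shows which clients still fall back to the 24-byte responses.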
