On 062, 03 02, 2008 at 06:55:09AM +0200, Timo Sirainen wrote:
> On Wed, 2008-02-27 at 12:46 +0300, Andrey Panin wrote:
> > Actually there is 4 authentication submethods inside the NTLM:
> > LM - server nonce only, highly vulnerable to MITM and rogue server attacks;
> > NTLM- different algo
On Wed, 2008-02-27 at 12:46 +0300, Andrey Panin wrote:
> Actually there is 4 authentication submethods inside the NTLM:
> LM- server nonce only, highly vulnerable to MITM and rogue server attacks;
> NTLM - different algorithm, almost equally vulnerable as LM today;
> NTLM2 - server and client
On 056, 02 25, 2008 at 12:57:19PM +0200, Timo Sirainen wrote:
> On Feb 24, 2008, at 11:21 PM, [EMAIL PROTECTED] wrote:
>
>> I'm not sure what NTLM version is used as default by authentication
>> between Outlook and dovecot and I couldn't find it out with a packet
>> sniffer.
>>
>> I think its NTL
On Feb 24, 2008, at 11:21 PM, [EMAIL PROTECTED] wrote:
I'm not sure what NTLM version is used as default by authentication
between Outlook and dovecot and I couldn't find it out with a packet
sniffer.
I think its NTLMv2 but I'm not sure so I'm asking here.
I know that NTLMv1 is not secure
