<snip>
On Tue, Nov 25, 2008 at 10:51 AM, Memisyazici, Aras <[EMAIL PROTECTED]> wrote:
> <snip>
> M$ should just bite the incompatibility bullet and turn NTLM off - that's
> been an option for users, theoretically speaking, since about the time
> Windows Kerberos support became mature, and practically speaking, nobody
> seems to be turning NTLM off here in the real world.
> </snip>
>
> Err... Have ya' ever attended 'any' sec. conf. in the past 6 years?? If so,
> you'd see recommendation #1 has always been:
>
> *) refuse LM & NTLM, accept NTLMv2 only
>
</snip>
In reality, every machine I've ever built here at ODU (production
included) has had NTLM turned off.
No complaints yet.
--
Charles Morris
[EMAIL PROTECTED],
[EMAIL PROTECTED]
Network Security Administrator,
Software Developer
Office of Computing and Communications Services,
CS Systems Group Old Dominion University
http://www.cs.odu.edu/~cmorris
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
