[Dovecot] Dovecot's default NTLM Version

Timo Sirainen tss at iki.fi
Sun Mar 2 06:55:09 EET 2008


On Wed, 2008-02-27 at 12:46 +0300, Andrey Panin wrote:
> Actually there are 4 authentication submethods inside NTLM:
> LM	- server nonce only, highly vulnerable to MITM and rogue server attacks;
> NTLM	- different algorithm, almost as vulnerable as LM today;
> NTLM2	- server and client nonce, but a MITM can force a downgrade to NTLM/LM;
> NTLMv2	- server and client nonce, a MITM can't force a downgrade.
> 
> The NTLM password hash is required for NTLM, NTLM2 and NTLMv2.
> 
> 
> NTLMv2 cannot be negotiated. It must be explicitly enabled on the client side
> by setting the registry key below to at least 3.

So this basically means that unless NTLMv2 is explicitly enabled on the
client side, NTLM auth is insecure because a MITM can force a downgrade?

Would there be a point in adding a setting to make Dovecot allow only
NTLM2/NTLMv2, so a MITM downgrade would only fail the authentication?
For example, mechanisms = NTLM enables NTLM2+v2 and mechanisms = NTLM
NTLM1 enables both?

BTW. I hope you don't mind that I added your mail to the wiki with small
modifications: http://wiki.dovecot.org/Authentication/Mechanisms/NTLM
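As an added illustration (not part of this thread and not Dovecot's code), the following Python model shows the two points the exchange turns on: why a client nonce stops a rogue server that keeps sending the same challenge from seeing a repeatable response, and how a server-side policy that only accepts NTLM2/NTLMv2 makes a downgraded exchange fail authentication. The cryptography is deliberately simplified and is an assumption of this example: the NT hash is replaced by SHA-256 and every response is HMAC-MD5, rather than the MD4/DES/HMAC-MD5 constructions real NTLM uses; the submethod names, `ALLOWED_SUBMETHODS` and the sample challenges are constructed here.

```python
"""Simplified model of NTLM-style challenge/response (example code, not NTLM).

Assumptions: the NT hash is modelled with SHA-256 (real NTLM uses MD4 over
the UTF-16LE password) and every response is HMAC-MD5. This keeps the code
dependency-free while still showing the effect of the client nonce and of a
server-side submethod policy.
"""
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Sample values constructed for this example.
SERVER_CHALLENGE = bytes.fromhex("0123456789abcdef")  # honest server's 8-byte nonce
ROGUE_CHALLENGE = b"\x00" * 8                         # a rogue server fixes its challenge

# Policy the mail proposes: only submethods with a client nonce are accepted.
ALLOWED_SUBMETHODS = {"NTLM2", "NTLMv2"}


def nt_hash(password: str) -> bytes:
    """Stand-in for the NT password hash (assumption: SHA-256, not MD4)."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()


def respond_server_nonce_only(pw_hash: bytes, server_challenge: bytes) -> bytes:
    """LM/NTLM-style response: keyed by the server's challenge alone."""
    return hmac.new(pw_hash, server_challenge, hashlib.md5).digest()


def respond_with_client_nonce(pw_hash: bytes, server_challenge: bytes,
                              client_nonce: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """NTLM2/NTLMv2-style response: the client mixes in its own nonce."""
    if client_nonce is None:
        client_nonce = os.urandom(8)
    resp = hmac.new(pw_hash, server_challenge + client_nonce, hashlib.md5).digest()
    return resp, client_nonce


def fixed_challenge_responses_repeat(pw_hash: bytes, submethod: str) -> bool:
    """Would a rogue server that always sends ROGUE_CHALLENGE see the same
    response from the client in two sessions? True means the response is
    replayable and can be matched against a precomputed table; False means
    the client nonce makes every session's response different."""
    if submethod in ("LM", "NTLM"):
        a = respond_server_nonce_only(pw_hash, ROGUE_CHALLENGE)
        b = respond_server_nonce_only(pw_hash, ROGUE_CHALLENGE)
    else:
        a, _ = respond_with_client_nonce(pw_hash, ROGUE_CHALLENGE)
        b, _ = respond_with_client_nonce(pw_hash, ROGUE_CHALLENGE)
    return a == b


def server_verify(pw_hash: bytes, server_challenge: bytes, submethod: str,
                  response: bytes, client_nonce: bytes = b"",
                  allowed=ALLOWED_SUBMETHODS) -> bool:
    """Server side: enforce the submethod policy first, then check the response.
    A downgraded (LM/NTLM) exchange fails here even with the correct password,
    which is exactly the 'downgrade only fails the authentication' behaviour."""
    if submethod not in allowed:
        return False
    if submethod in ("LM", "NTLM"):
        expected = respond_server_nonce_only(pw_hash, server_challenge)
    else:
        expected, _ = respond_with_client_nonce(pw_hash, server_challenge, client_nonce)
    return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    h = nt_hash("correct horse")  # constructed sample password
    for m in ("LM", "NTLM", "NTLM2", "NTLMv2"):
        print(f"{m:7s} repeats under a fixed rogue challenge: "
              f"{fixed_challenge_responses_repeat(h, m)}")
    resp, nonce = respond_with_client_nonce(h, SERVER_CHALLENGE)
    print("NTLMv2 exchange accepted:", server_verify(h, SERVER_CHALLENGE, "NTLMv2", resp, nonce))
    downgraded = respond_server_nonce_only(h, SERVER_CHALLENGE)
    print("downgraded NTLM exchange accepted:", server_verify(h, SERVER_CHALLENGE, "NTLM", downgraded))
```

Running the script prints `True` for LM and NTLM under the fixed challenge and `False` for NTLM2/NTLMv2, then accepts the NTLMv2 exchange and rejects the downgraded one. The policy check sits before the response comparison on purpose: the server should never spend a comparison on a submethod it does not allow, and the rejection is then independent of whether the password was right.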
