Where results make sense

About us   |   Why use us?   |   Reviews   |   PR   |   Contact us

Configuring NTLM - AlfrescoWiki NTLM authentication can be used to provide single signon to Alfresco,and the password that is sent over the network is more secure than when using basic authentication. NTLM passthru authentication can also be used to replace the standard Alfresco user database and use a Windows server/domain controller, or list of servers, to authenticate users accessing Alfresco. Firefox and Mozilla also support the use of NTLM but you need to add the URI to the Alfresco site that you want to access to network.automatic-ntlm-auth.trusted-uris option (available through writing about:config in the URL field) to allow the browser to use your current credentials for login purposes. wiki.alfresco.com /wiki/Configuring_NTLM   (674 words)

NTLM - Wikipedia, the free encyclopedia NTLM (NT LAN Manager), a computer networking cryptography protocol, operates in a variety of Microsoft Windows network protocols for authentication purposes. The NTLM protocol uses a challenge-response sequence requiring the transmission of three messages between the client (wishing to authenticate) and the server (requesting authentication): The calculation methods differ based on the NTLM authentication parameters negotiated previously, but in general they apply MD4/MD5 hashing algorithms and DES encryption to compute the response. en.wikipedia.org /wiki/NTLM   (327 words)

Microsoft Security Bulletin (MS00-067) Because NTLM credentials would be sent to the malicious user's server by default, the malicious user could capture the unsuspecting user's authentication credentials. NTLM hashes (or challenge/response pairs) could be fed into a program that performs brute force password guessing. Automatic NTLM authentication will only occur when the telnet server resides in the "Local intranet" or "Trusted sites" zone and the zone's policy is set to allow "automatic logon with user name and password". www.microsoft.com /technet/security/bulletin/MS00-067.mspx   (2542 words)

What is NTLM? - A Word Definition From the Webopedia Computer Dictionary The NTLM protocol was the default for network authentication in the Windows NT 4.0 operating system. NTLM is also used to authenticate logons to standalone computers with Windows 2000. NTLM uses a challenge-response mechanism for authentication, in which clients are able to prove their identities without sending a password to the server. www.webopedia.com /TERM/N/NTLM.html   (222 words)

The NTLM Authentication Protocol and Security Support Provider NTLM authentication is a challenge-response scheme, consisting of three messages, commonly referred to as Type 1 (negotiation), Type 2 (challenge) and Type 3 (authentication). The 16-byte NTLM hash is null-padded to 21 bytes. The NTLM password hash is obtained (as discussed, this is the MD4 digest of the Unicode mixed-case password). davenport.sourceforge.net /ntlm.html   (13397 words)

Squid NTLM authentication project NTLM authentication is proxyable provided the client is willing to do NTLM WWW authentication through a proxy, there are two basic reasons I can think of: Squid isn't passing the authentication info correctly (i.e. There is noting in NTLM authentication which makes it impossible to proxy, besides the fact that it requires a single persistent connection client<->origin server, with any number of proxies/tunnels in between. NTLM authentication can only be done on a persistent connection by design (NTLM uses randomly generated challenges). squid.sourceforge.net /ntlm   (1299 words)

Integrated Windows Authentication, NTLM, and Java HTTP Clients The NTLM protocol is a proprietary Microsoft protocol used to identify and authenticate clients connecting to servers. The use of NTLM is configured at the level of the machine, rather than for a specific protocol. NTLM support was added quite a while ago and they don't appear to be interested in extending it. oaklandsoftware.com /papers/ntlm.html   (1204 words)

SecuriTeam™ - NTLM HTTP Authentication is Insecure By Design NTLM authentication is an example to such connection-oriented security scheme. This [HTTP NTLM authentication] scheme differs from most "normal" HTTP authentication mechanisms, in that subsequent requests over the authenticated connection are not themselves authenticated; NTLM is connection-oriented, rather than request-oriented. True, it indicates that the request comes from a proxy server, but in the case of NTLM authentication, it increases the likelihood of the client not to be subject to the attack described here. www.securiteam.com /securityreviews/5OP0B2KGAC.html   (1555 words)

'NTLM Authorization Proxy Server'. 'NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. 'NTLM Authorization Proxy Server' is distributed under the GNU General Public License which is included in this archive (see file COPYING). NTLM Authentication Scheme for HTTP is the most valuable information source on NTLM that allowed APS to be created. www.geocities.com /rozmanov/ntlm   (784 words)

Coding Horror: ASP.NET NTLM Authentication - is it worth it? NTLM credentials typically don't make it through a proxy, so you must enable Basic authentication in addition to NTLM, otherwise you risk permanently blocking a chunk of your userbase from your application. I wasn't aware of the NTLM authentication performance impact but one possibility would be to use Kerberos Authentication as opposed to NTLM. That way you have the massive NTLM overhead at most once, everything stays at least as secure as it would be in a traditionally secured site, and you've still achieved single-sign-on. www.codinghorror.com /blog/archives/000263.html   (1200 words)

Luigi Dragone Home Page - NTLM Authentication in Java NTLM is a proprietary protocol employed by many Microsoft products to perform challange response authentication and it is the default authetication scheme used by Microsoft firewall and proxy server products. Since NTLM is finally a weak protocol (it is more safe than basic authentication, but it is not strong as the digest autentication), there are many cracking tools and many security issues ralated to it. Notice that NTLM is not a proxyable protocol, it can be used to authenticate a client against a proxy or a web site, but not both at the same time. www.luigidragone.com /networking/ntlm.html   (1095 words)

How to enable NTLM 2 authentication NTLM 2 has been available for Windows NT 4.0 since Service Pack 4 (SP4) was released, and it is supported natively in Windows 2000. Before you enable NTLM 2 authentication for Windows 98 clients, verify that all domain controllers for users who log on to your network from these clients are running Windows NT 4.0 Service Pack 4 or later. Clients use NTLM authentication, and use NTLM 2 session security if the server supports it; domain controllers refuse LM authentication (that is, they accept NTLM and NTLM 2). support.microsoft.com /kb/239869   (1403 words)

The NTLM Authentication Protocol NTLM is an authentication protocol used in various Microsoft network protocol implementations and supported by the NTLM Security Support Provider ("NTLMSSP"). NTLM employs a challenge-response mechanism for authentication, in which clients are able to prove their identities without sending a password to the server. IMAP authentication is documented in RFC 1730; the NTLM mechanism is a proprietary extension provided by Exchange and supported by the Outlook client family. curl.haxx.se /rfc/ntlm.html   (9167 words)

Microsoft NTLM   (Site not responding. Last check: 2007-10-08) NTLM must also be used for logon authentication on stand-alone systems. NTLM credentials are based on data obtained during the interactive logon process and consist of a domain name, a user name, and a one-way hash of the user's password. Interactive NTLM authentication over a network typically involves two systems: a client system, where the user is requesting authentication, and a domain controller, where information related to the user's password is kept. msdn.microsoft.com /library/default.asp?url=/library/en-us/secauthn/security/microsoft_ntlm.asp   (611 words)

Microsoft Security Bulletin MS01-001 It would not, by itself, allow a malicious user to gain control of another user's computer or to gain access to resources to which that user was authorized access. The default authentication mechanism for WEC is NTLM. NTLM challenge/response pairs could be fed into a program that performs brute force password guessing. www.microsoft.com /technet/security/bulletin/MS01-001.mspx   (1669 words)

Applications that use LM or NTLM? | Ask MetaFilter LM (LanManager) and NTLM (NT Lan Manager) are old, fairly insecure MS protocols for authentication. NTLM authentcation is used sometimes over HTTP to secure websites hosted on IIS. Yeah, NTLM can be used by Apache httpd, and also Java app servers and the like (not necessarily built-in, though). ask.metafilter.com /24805/Applications-that-use-LM-or-NTLM   (357 words)

WIN Server Security - NTLM Authentication Levels   (Site not responding. Last check: 2007-10-08) NTLM is a significant improvement over LM, but is still relatively susceptible to attack. NTLM v2 adds several enhancements to v1 that make it much more secure. NTLM v2 should be required whenever possible (that is, whenever it doesn't break required functionality - see Special Cases below). web.mit.edu /pismere/support/for-cont-admins/security-info/ntlm.html   (813 words)

How to Configure Telnet NTLM Authentication When the Telnet server is set to enable only NTLM authentication, only Telnet clients that support NTLM authentication Telnet protocol may be able to connect to the Telnet server. When the client is configured for NTLM authentication, the user may not have to enter his or her user name/password. NTLM value 1 is NTLM or logon prompt where NTLM is tried before the logon prompt. support.microsoft.com /kb/201194   (399 words)

NTLM Authentication | drupal.org NTLM is a proprietary (and not so good) protocol for deploying Single Sign On in predominantly Windows oriented networks (our company network also). NTLM sits on top of HTTP, so users who are logged on to the Windows Active Directory network can transparently log-on to web services using their Microsoft Windows credentials (and thereby having Single Sign On). Getting IIS servers working with NTLM is easy (it should be), but traditionaly Apache servers have had problems in doing this. drupal.org /node/44718   (623 words)

NTLM authentication   (Site not responding. Last check: 2007-10-08) When MailEnable is configured to provide NTLM authentication, mail users with Outlook or Outlook Express will be able to select the option to use Secure Password Authentication when authenticating against the MailEnable Server. NTLM is an authentication protocol used primarily by Microsoft applications to securely authenticate over a network. Using NTLM, once the user has logged in to Windows, they do not necessarily need to specify or configure the mail client with a designated username or password. www.mailenable.com /Help/Files/ntlmauthentication.htm   (370 words)

Microsoft Security Bulletin (MS01-001): Frequently Asked Questions   (Site not responding. Last check: 2007-10-08) As a result, WEC will participate in NTLM challenge-response authentication with any server, regardless of whether it's trusted or not. Instead, NTLM authentication uses a challenge/response mechanism to ensure that the actual password never traverses the network. When a web-client session is initiated with a remote NTLM enabled IIS server, the web-client will automatically initiate a challenge/response logon process and send NTLM authentication credentials to the remote server even when the IE security settings prompts for those credentials. www.microsoft.com /technet/security/bulletin/fq01-001.asp   (1057 words)

NTLM.   (Site not responding. Last check: 2007-10-08) This is unsorted information on NTLM that I have collected. The best source of info on NTLM is NTLM Authentication Scheme for HTTP document. NTLM method may be used with HTTP proxies, WWW, SMTP, TELNET servers to authenticate user. apserver.sourceforge.net /ntlm.html   (191 words)

21.2  Automatic user authentication using NTLM NTLM cannot be used for authentication in the internal database. Should any problems regarding NTLM authentication arise, it is recommended to remove all usernames/passwords for the server where WinRoute is installed from the Password Manager. Note: If NTLM authentication fails by any reason, details are recorded in the error log (see chapter 18.8 Error Log). www.kerio.com /manual/kwf/en/ch21s02.html   (595 words)

NTLM Authentication Supported by Mozilla on All Platforms - MozillaZine Talkback   (Site not responding. Last check: 2007-10-08) Microsoft's NTLM authentication protocol, popular on Windows-based corporate networks, is now supported by Mozilla on all platforms. Previously, NTLM authentication was only available to Windows Mozilla users, requiring the presence of the Windows SSPI API. The only thing I would be worried about for the future is M$ changing the Windows implementation of NTLM just enough to break this in Mozilla, but I guess we'll have to cross that bridge when we come to it. www.mozillazine.org /talkback.html?article=3990   (1788 words)

239869 - How to Enable NTLM 2 Authentication When you first install the NTLM 2 support files, they are configured to use only LM authentication for backward compatibility with existing servers and domain controllers. Before you enable NTLM 2 authentication for Windows 95, Windows 98, or Windows Millennium Edition clients, verify that all domain controllers for users who log on to your network from these clients are running Windows NT 4.0 service Pack 4 (SP4) or later. You cannot configure it, for example, to use NTLM v2 to connect to Windows 2000-based servers and then to use NTLM to connect to other servers. www.sfu.ca /ad/win98/239869.html   (1408 words)

Try your search on: Qwika (all wikis)

About us   |   Why use us?   |   Reviews   |   Press   |   Contact us   Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.