ntlm

• NTLM https://store.theartofservice.com/itil-2011-foundation-complete-certification-kit-fourth-edition-study-guide-ebook-and-online-course.html

Upload: augustus-parks

Post on 03-Jan-2016


TRANSCRIPT

Page 1: NTLM

• NTLM


Page 2: NTLM

NTLM

NTLM version 2 (NTLMv2), introduced in Windows NT 4.0 SP4 (and natively supported in Windows 2000), enhances NTLM security by hardening the protocol against many spoofing attacks and by adding the ability for a server to authenticate to the client.


Page 3: NTLM

NTLM - Vendor recommendation

Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (MD5, RFC 1321) for integrity, and it uses RC4 for encryption.


Page 4: NTLM

NTLM - Vendor recommendation

Deriving a key from a password is as specified in RFC 1320 (MD4) and FIPS 46-2 (DES). Therefore, applications are generally advised not to use NTLM.


Page 5: NTLM

NTLM - Vendor recommendation

Microsoft has added the NTLM hash to its implementation of the Kerberos protocol to improve interoperability (the RC4-HMAC encryption type, RFC 4757, uses the NT hash directly as the Kerberos key). According to an independent researcher, this design decision allows Domain Controllers to be tricked into issuing a Kerberos ticket to an attacker if the NTLM hash is known. http://www.aorato.com/blog/active-directory-vulnerability-disclosure-weak-encryption-enables-attacker-change-victims-password-without-logged/


Page 6: NTLM

NTLM - Vendor recommendation

While Kerberos has replaced NTLM as the default authentication protocol in an Active Directory (AD) based single sign-on scheme, NTLM is still widely used in situations where a domain controller is not available or is unreachable. For example, NTLM would be used if a client is not Kerberos capable, the server is not joined to a domain, or the user is remotely authenticating over the web.


Page 7: NTLM

NTLM - NTLM and Kerberos

NTLM is still used in the following situations:


Page 8: NTLM

NTLM - NTLM and Kerberos

* The client is authenticating to a server that belongs to a different Active Directory forest that has a legacy NTLM trust instead of a transitive inter-forest trust


Page 9: NTLM

NTLM - NTLM and Kerberos

In Windows Vista and above, neither LM nor NTLMv1 is used by default. NTLMv1 is still accepted for inbound authentication, but for outbound authentication NTLMv2 is sent by default instead. Prior versions of Windows (back as far as Windows NT 4.0 Service Pack 4) could be configured to behave this way, but it was not the default.


Page 10: NTLM

NTLM - Protocol

NTLM is a challenge-response authentication protocol which uses three messages (NEGOTIATE, CHALLENGE and AUTHENTICATE) to authenticate a client in a connection-oriented environment (connectionless is similar), and a fourth additional message if integrity is desired.


Page 11: NTLM

NTLM - Protocol

The NTLM protocol uses one or both of two hashed password values, both of which are also stored on the server (or domain controller). These hashes are 'password equivalent': anyone who obtains the hash value from the server can authenticate without knowing the actual password (a pass-the-hash attack).


Page 12: NTLM

NTLM - Protocol

The NTLM protocol also uses one of two one-way functions, depending on the NTLM version. LM and NTLM version 1 use the DES-based LanMan one-way function (LMOWF), alongside the MD4-based NT one-way function (NTOWF), while NTLMv2 uses only the NTOWF.


Page 13: NTLM

NTLM - NTLMv1

In practice, NTLMv1 computes the response with both hashes (LM and NT), and both 24-byte results are sent.


Page 14: NTLM

NTLM - NTLMv2

NTLMv2, introduced in Windows NT 4.0 SP4 [http://web.archive.org/web/19990117055557/http://www.microsoft.com/ntserver/nts/exec/overview/NT4SP4whatnew.asp What's New in Windows NT 4.0 Service Pack 4?], is a challenge-response authentication protocol. It is intended as a cryptographically strengthened replacement for NTLMv1.


Page 15: NTLM

NTLM - NTLMv2

NTLMv2 sends two responses to the 8-byte server challenge. The shorter one (LMv2) is a 16-byte HMAC-MD5 computed over the server challenge and an 8-byte client challenge; the 8-byte client challenge appended to this 16-byte response makes a 24-byte package, which is consistent with the 24-byte response format of the previous NTLMv1 protocol.


Page 16: NTLM

NTLM - NTLMv2

The second response sent by NTLMv2 uses a variable-length client challenge which includes (1) the current time in NT Time format, (2) an 8-byte random value, (3) the domain name (target information) and (4) fixed-format header and padding fields. The response must include a copy of this client challenge, and is therefore variable length. In non-official documentation, this response is termed NTv2.
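As an added example (not code from the original slides), the Python below ties together the Protocol, password-equivalence and NTLMv2 pages above: it computes the NT hash (NTOWFv1), derives NTOWFv2, builds both NTLMv2 responses as laid out in MS-NLMP 3.3.2 (the 24-byte LMv2 response and the variable-length NTv2 response carrying the timestamped client blob), and verifies one the way a server or domain controller would. MD4 is inlined because many OpenSSL 3 builds disable it. The user name, domain, challenges, timestamp and target info are constructed demo values; the hex literal is the well-known NT hash of the string "password".

```python
"""NTLMv2 response computation and verification (MS-NLMP 3.3.2).
Added illustration; all identities, challenges and times are constructed."""
import hashlib
import hmac
import struct


def _lrot(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def md4(data: bytes) -> bytes:
    """RFC 1320 MD4, pure Python (OpenSSL 3 often ships without it)."""
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    msg = bytearray(data) + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64) + struct.pack("<Q", len(data) * 8)
    rounds = (  # (boolean function, additive constant, shifts, word order)
        (lambda x, y, z: (x & y) | (~x & z), 0, (3, 7, 11, 19), range(16)),
        (lambda x, y, z: (x & y) | (x & z) | (y & z), 0x5A827999, (3, 5, 9, 13),
         (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15)),
        (lambda x, y, z: x ^ y ^ z, 0x6ED9EBA1, (3, 9, 11, 15),
         (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)),
    )
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        r = h[:]
        for fn, add, shifts, order in rounds:
            for i, k in enumerate(order):
                t = (-i) % 4  # register updated this step cycles a, d, c, b
                x, y, z = r[(t + 1) % 4], r[(t + 2) % 4], r[(t + 3) % 4]
                r[t] = _lrot((r[t] + fn(x, y, z) + X[k] + add) & 0xFFFFFFFF, shifts[i % 4])
        h = [(u + v) & 0xFFFFFFFF for u, v in zip(h, r)]
    return struct.pack("<4I", *h)


def ntowf_v1(password: str) -> bytes:
    """NT hash: MD4 over the UTF-16LE password. Password-equivalent."""
    return md4(password.encode("utf-16-le"))


def ntowf_v2(nt_hash: bytes, user: str, domain: str) -> bytes:
    """NTOWFv2 = HMAC-MD5(NT hash, UTF-16LE(upper(user) + domain)).
    The input is the NT hash, not the password: that is why pass-the-hash works."""
    return hmac.new(nt_hash, (user.upper() + domain).encode("utf-16-le"), hashlib.md5).digest()


def av_pairs(domain: str, computer: str) -> bytes:
    """Minimal TargetInfo: MsvAvNbDomainName (2), MsvAvNbComputerName (1), MsvAvEOL (0)."""
    out = b""
    for av_id, value in ((2, domain), (1, computer)):
        enc = value.encode("utf-16-le")
        out += struct.pack("<HH", av_id, len(enc)) + enc
    return out + struct.pack("<HH", 0, 0)


def ntlmv2_responses(nt_hash, user, domain, server_chal, client_chal, nt_time, target_info):
    """Return (NtChallengeResponse, LmChallengeResponse)."""
    key = ntowf_v2(nt_hash, user, domain)
    # The client blob: RespType, HiRespType, 6 reserved, NT time, client challenge,
    # 4 reserved, AV pairs (target info), 4 reserved.
    temp = (b"\x01\x01" + b"\x00" * 6 + struct.pack("<Q", nt_time) + client_chal
            + b"\x00" * 4 + target_info + b"\x00" * 4)
    nt_proof = hmac.new(key, server_chal + temp, hashlib.md5).digest()
    lm_resp = hmac.new(key, server_chal + client_chal, hashlib.md5).digest() + client_chal
    return nt_proof + temp, lm_resp  # 16-byte proof + blob; 16 + 8 = 24-byte LMv2


def verify_ntlmv2(nt_hash, user, domain, server_chal, nt_response) -> bool:
    """Server or DC side: recompute NtProofStr over the blob the client sent."""
    key = ntowf_v2(nt_hash, user, domain)
    proof, temp = nt_response[:16], nt_response[16:]
    return hmac.compare_digest(proof, hmac.new(key, server_chal + temp, hashlib.md5).digest())


def blob_timestamp(nt_response) -> int:
    """NT time lives 8 bytes into the blob, after the 16-byte proof."""
    return struct.unpack_from("<Q", nt_response, 16 + 8)[0]


# Constructed demo values (not real credentials or captured traffic).
USER, DOMAIN, PASSWORD = "alice", "CORP", "password"
KNOWN_NT_HASH = bytes.fromhex("8846f7eaee8fb117ad06bdd830b7586c")  # NT hash of "password"
SERVER_CHAL = bytes.fromhex("0123456789abcdef")
CLIENT_CHAL = bytes.fromhex("fedcba9876543210")
NT_TIME = (1_451_779_200 + 11_644_473_600) * 10_000_000  # 2016-01-03 00:00 UTC as FILETIME
TARGET_INFO = av_pairs("CORP", "FILESRV01")


def demo():
    nt_hash = ntowf_v1(PASSWORD)
    legit = ntlmv2_responses(nt_hash, USER, DOMAIN, SERVER_CHAL, CLIENT_CHAL, NT_TIME, TARGET_INFO)
    # Pass-the-hash: holding only the stolen NT hash yields identical responses.
    stolen = ntlmv2_responses(KNOWN_NT_HASH, USER, DOMAIN, SERVER_CHAL, CLIENT_CHAL, NT_TIME, TARGET_INFO)
    return {
        "nt_hash": nt_hash.hex(),
        "lm_len": len(legit[1]),
        "pth_identical": stolen == legit,
        "verifies": verify_ntlmv2(nt_hash, USER, DOMAIN, SERVER_CHAL, legit[0]),
        "replay_other_challenge": verify_ntlmv2(nt_hash, USER, DOMAIN, b"\x00" * 8, legit[0]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `pth_identical` result is the point of the 'password equivalent' slide: responses computed from the stolen hash alone are byte-for-byte what the legitimate client sends, so the hash is all an attacker needs. Verification recomputes the HMAC over the blob the client supplied, which is why the blob (with its timestamp and target info) must be carried inside the NTv2 response; the failed check against a different server challenge shows that a captured response cannot simply be replayed to another challenge.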


Page 17: NTLM

NTLM - NTLM2 Session

The NTLM2 Session protocol is similar to MS-CHAPv2. It consists of authentication from NTLMv1 combined with session security from NTLMv2.


Page 18: NTLM

NTLM - NTLM2 Session

Briefly, the NTLMv1 algorithm is applied, except that an 8-byte client challenge is appended to the 8-byte server challenge and the pair is MD5 hashed. The first 8 bytes of the hash result are used as the challenge in the NTLMv1 computation. The client challenge is returned (zero-padded) in one 24-byte slot of the response message, and the 24-byte calculated response is returned in the other slot.


Page 19: NTLM

NTLM - NTLM2 Session

This is a strengthened form of NTLMv1 which maintains the ability to use existing Domain Controller infrastructure yet avoids a precomputed (chosen-challenge) attack by a rogue server. For a fixed challenge X, the server computes a table where location Y has value K such that Y = DES_K(X). Without the client participating in the choice of challenge, the server can send X, look up the response Y in the table and recover K, a piece of the password hash. This attack can be made practical by using rainbow tables.


Page 20: NTLM

NTLM - NTLM2 Session

However, existing NTLMv1 infrastructure allows the challenge/response pair to be verified not by the server itself but by a Domain Controller to which it is forwarded. Using NTLM2 Session, this infrastructure continues to work if the server substitutes, for the challenge it forwards, the hash of the server and client challenges.

Page 21: NTLM

NTLM - Vulnerabilities

The Squirtle toolkit can be used to leverage web site cross-site scripting attacks into attacks on nearby assets via NTLM.


Page 22: NTLM

NTLM - Vulnerabilities

In February 2010, Amplia Security discovered several flaws in the Windows implementation of the NTLM authentication mechanism which broke the security of the protocol, allowing attackers to gain read/write access to files and remote code execution.


Page 23: NTLM

NTLMSSP

NTLMSSP is used wherever SSPI authentication is used including, but not limited to, Server Message Block/CIFS extended security authentication, HTTP Negotiate authentication (e.g


Page 24: NTLM

NTLMSSP

The Windows Service offering the acceptor side of NTLMSSP has been removed from Windows Vista and Windows Server 2008 in favor of the newer Kerberos authentication protocol. [http://msdn2.microsoft.com/en-us/library/aa480152.aspx#appcomp_topic16 Deprecated components in Windows Vista]


Page 25: NTLM

NTLMSSP

The 'NTLMSSP' and NTLM challenge-response protocol have been documented in Microsoft's Open Protocol Specification.


Page 26: NTLM

NTLMSSP

[http://msdn2.microsoft.com/en-us/library/cc207842.aspx MS-NLMP - NT LAN MANAGER (NTLM) Authentication Protocol Specification]


Page 27: NTLM

MSN Chat - NTLM

Little is known about the role of NTLM authentication on MSN Chat.


Page 28: NTLM

MSN Chat - NTLM

The MSN Chat Admin client, which was leaked by an MSN Chat administrator and quickly found its way all over the internet, was known to use the NTLM protocol, and bears many similarities to the Microsoft Comic Chat client. It was based on MS Chat 2.5.
