Basic question

From: Roman L. Daszczyszak II (romandas_at_gmail.com)
Date: 03/10/05

Next message: Miroslaw Slawek Chorazy: "Re: Question on IIS servers and reverse lookup"

Previous message: Miroslaw Slawek Chorazy: "Re: Question on IIS servers and reverse lookup"
Next in thread: Craig, Tobin (OIG): "RE: Basic question"
Maybe reply: Craig, Tobin (OIG): "RE: Basic question"
Reply: dave kleiman: "RE: Basic question"
Maybe reply: Depp, Dennis M.: "RE: Basic question"
Reply: Laura A. Robinson: "RE: Basic question"
Maybe reply: Ken Schaefer: "RE: Basic question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 10 Mar 2005 14:56:52 -0600
To: focus-ms@securityfocus.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does anyone have a good reference on the differences between LanMan,
NTLM, NTLMv2 and Kerberos? Also, is there any restriction on the length
of a password used across a network/LAN for authentication? I'm aware
in NT/2K/XP/2003 the max length of a password is 127 characters, but am
curious if this is still true for network/domain authentication.

Lastly, I have heard (and would like confirmation/denial) that
authenticating to a domain-based machine from a machine outside the
domain causes an otherwise normally encrypted password to be sent
cleartext when authenticating with an IIS server. Can anyone point me
to references about this?

Thank you for any information y'all can provide.

Roman
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCMLSUszjStpsfjf8RAtNLAJsGmQv5p9B1bk7msxzK0zrDkpcSKgCgxEKl
hoC2TjFp71dLF3Regw1c6qA=
=vQB2
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------
---------------------------------------------------------------------------

Next message: Miroslaw Slawek Chorazy: "Re: Question on IIS servers and reverse lookup"

Previous message: Miroslaw Slawek Chorazy: "Re: Question on IIS servers and reverse lookup"
Next in thread: Craig, Tobin (OIG): "RE: Basic question"
Maybe reply: Craig, Tobin (OIG): "RE: Basic question"
Reply: dave kleiman: "RE: Basic question"
Maybe reply: Depp, Dennis M.: "RE: Basic question"
Reply: Laura A. Robinson: "RE: Basic question"
Maybe reply: Ken Schaefer: "RE: Basic question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Basic question
... curious if this is still true for network/domain authentication. ... authenticating to a domain-based machine from a machine outside the ... Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org ...
(Focus-Microsoft)
Re: Multiple authentication prompts in SharePoint
... The WSS newsgroup is microsoft.public.sharepoint.windowsservices (for future ... That FAQ item also refers to another KB article if you have checked ... We are using SSL authentication. ...
(microsoft.public.sharepoint.portalserver)
Re: help me
... In addition to deciding what means of authentication you require on your ... anonymous access & either windows integrated authentication, ... based auth scheme, and you reference a fully-qualified domain name, I am ... see the groups currently assigned permissions on this dir. ...
(microsoft.public.inetserver.iis.security)
Re: ssl scp authentication
... You need GnuPG to verify this message ... > Is there a way to script the scp command to include the authentication? ...
(comp.unix.shell)
Re: Pam modifications
... your using some other form of authentication. ... (I saved the originals to 'roll back' to the original ... thus the account can't be locked. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ...
(Ubuntu)