[cvsnt] RH Linux ES4 Client recommended protocols?
arthur.barrett at march-hare.com
Sun May 13 21:54:09 BST 2007
> >>> "Send LM & NTLM responses"; now I set it to "Send NTLMv2 response
> >>> only/refuse LM & NTLM". Does this sound right?
> >> That sounds right. Just do it on every machine.
> > Can't I have the cvsnt server enforce this?
> No, because it's an OS function not a cvsnt function. All we
> can do is
> request connection & assume the OS knows what it's doing.
Also there is little point in securing ONLY cvsnt server - setting it
this way means that all other services that use SSPI (eg: printer
sharing, file sharing) also get the same level of security. Equally -
if you were never concerned about the lack of security on your file and
printer shares then there is little (though some) need to worry about
the security of your CVSNT server.
More information about the cvsnt