NTLMv2 with FreeRADIUS
Phil Mayers
p.mayers at imperial.ac.uk
Wed Apr 9 21:41:04 CEST 2014
On 09/04/2014 20:27, John McCarthy wrote:
> On 9 Apr 2014, at 15:14, arr2036 wrote:
>
>> It's not in a local configuration file if it's being sent to an AD server.
>
> Gotcha, and that is basically what makes NTLMv1 insecure- is if it is
> stored in a file that can be cracked (from what I understand of it).
No sorry. Your understanding is totally wrong, both of the security
properties of ntlmv1 and how TTLS/PAP works.
More information about the Freeradius-Users
mailing list