|
|
Microsoft Win9x Challenge Replay Vulnerability
Solution: There are no known patches to Win9x to prevent the reuse of challenge tokens. A registry key modification is available for Windows NT. Setting LMCompatibilityLevel to '2' or '3' will prevent an NT host from connecting to a "downlevel" server (ie Win9x) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA Value: LMCompatibilityLevel Value Type: REG_DWORD - Number Valid Range: 0-5 Default: 0 Description: This parameter specifies the type of authentication to be used. Level 0 - Send LM response and NTLM response; never use NTLMv2 session security Level 1 - Use NTLMv2 session security if negotiated Level 2 - Send NTLM response only Level 3 - Send NTLMv2 response only Level 4 - DC refuses LM responses Level 5 - DC refuses LM and NTLM responses (accepts only NTLMv2) |
|
Privacy Statement |