[squid-users] Squid 3.5.x and NTLM
fredbmail at free.fr
Mon Nov 28 13:26:18 UTC 2016
> The SMB_LM helper performs a downgrade attack on the NTLM protocol
> decrypts the resulting username and password. Then logs into AD using
> Basic auth.
> This requires that the client supports the extremely insecure LM
> Any sane client will not.
> Alternatively, the 'fake' helper accepts any credentials the client
> presents as long as they are correctly formatted in NTLM syntax.
Thanks, It's what the old helper ntlm_smb_lm_auth does ?
More information about the squid-users