[squid-users] Squid 3.5.x and NTLM

FredB fredbmail at free.fr
Mon Nov 28 13:26:18 UTC 2016

> The SMB_LM helper performs a downgrade attack on the NTLM protocol
> and
> decrypts the resulting username and password. Then logs into AD using
> Basic auth.
>  This requires that the client supports the extremely insecure LM
>  auth.
> Any sane client will not.
> Alternatively, the 'fake' helper accepts any credentials the client
> presents as long as they are correctly formatted in NTLM syntax.

Thanks, It's what the old helper ntlm_smb_lm_auth does ?

More information about the squid-users mailing list