[squid-users] NTLM Authentication / Centos 7

Amos Jeffries squid3 at treenet.co.nz
Tue Aug 21 14:20:41 UTC 2018


On 21/08/18 7:09 PM, L.P.H. van Belle wrote:
>> Also, what then do the other lines in your config then say to do with
>> the NTLM type-1 requests (no credentials) and failed-login requests?
> 
> No this happend after the last security update of samba.
> 

"No" to what ? My Q above was in regards to the omitted http_access
behaviour.


The 'type-1' I am speaking of is the initial NTLM credentials token. Not
the version number. All LanManager based exchanges (LM 1.0, LM4, LM
32-bit, SMB LM, NTLMv1 NTLMv2, NTLMv2 extended) begin with a type-1 token.


> This is due to a samba update.
> SECURITY UPDATE: Weak authentication protocol allowed 
> CVE-2018-1139-*.patch: Do not allow ntlmv1 over SMB1
> 
> You can easily test this, add 'ntlm auth = yes' to smb.conf and
> restart. If this cures your problem, then you have two choices, leave
> it alone and put up with a possibly insecure server, or fix your
> clients to only use NTLMv2 and remove the line from smb.conf.
> 

Yes, that is worth testing for.

Amos


More information about the squid-users mailing list