Solved

MICROSOFT IIS AUTHENTICATION ERROR INFORMATION DISCLOSURE - NTLM AUTHENTICATION

Posted on 2009-05-12
Last Modified: 2012-05-06
Hello,

The results of several of our computers are reflecting this error message from a recent penetration test: MICROSOFT IIS AUTHENTICATION ERROR INFORMATION DISCLOSURE - NTLM AUTHENTICATION.
The only Fix Info. it gives is that hosts running IIS 4 through 5.1 are properly configured and only authentication systems necessary for the environment are enabled.

My question: How and what settings need to be properly configured? I do not know what the settings need to be set at to make this risk go away. I have googled this for about 2 hours and really have not found anything.

Your assistance is greatly appreciated.
Question by:Dreams_of_skill
3 Comments
 
LVL 12

Accepted Solution

by:
jahboite earned 250 total points
ID: 24372957
The correct fix for this information disclosure vulnerability, which is described fully in any of the top results of a Google search for the error message you posted, depends on whether you require any part of the website in question to be protected by an authentication system (e.g. username and password).

If those parts of the website you want protected are done so using a custom login form and sessions then you can safely disable Windows Integrated Authentication (i.e. stop using NTLM auth). There's a Microsoft KB article at http://support.microsoft.com/kb/837139 which details the steps.

Before you do this, you need to be sure that the integrated auth is not currently protecting something you don't want to allow anonymous access to.
After you've done it, you'll want to re-run the pentest/vulnerability scan to make sure you caught the issue.

Let us know how you get on.
0
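
One way to do the check before the change and the confirmation after it that the answer above describes, as an added example that is not part of the original thread: it parses 401 responses captured from your own server and reports which paths still offer NTLM or Negotiate. The paths and responses in `SAMPLE` are constructed, and the function names are this example's own.

```python
import re
from email.parser import Parser

# Schemes that show Integrated Windows Authentication is still enabled.
INTEGRATED = {"ntlm", "negotiate"}

def advertised_schemes(raw_response):
    """Return the auth schemes offered in WWW-Authenticate headers, in order."""
    head = raw_response.replace("\r\n", "\n").split("\n\n", 1)[0]
    _status, _, header_block = head.partition("\n")
    headers = Parser().parsestr(header_block, headersonly=True)
    schemes = []
    for value in headers.get_all("WWW-Authenticate", []):
        # Blank out quoted strings so commas inside a realm do not split it.
        value = re.sub(r'"[^"]*"', '""', value)
        for part in value.split(","):
            words = part.split()
            # A challenge starts with a bare scheme name; "key=value" is a parameter.
            if words and "=" not in words[0]:
                schemes.append(words[0])
    return schemes

def integrated_auth_paths(captures):
    """Map each path whose response still offers NTLM/Negotiate to those schemes."""
    findings = {}
    for path, raw in captures.items():
        hits = [s for s in advertised_schemes(raw) if s.lower() in INTEGRATED]
        if hits:
            findings[path] = hits
    return findings

# Constructed sample captures (path -> raw response), not taken from the thread.
SAMPLE = {
    "/reports/": "HTTP/1.1 401 Unauthorized\r\nServer: Microsoft-IIS/5.0\r\n"
                 "WWW-Authenticate: Negotiate\r\nWWW-Authenticate: NTLM\r\n"
                 "Content-Length: 0\r\n\r\n",
    "/admin/": "HTTP/1.1 401 Unauthorized\r\n"
               "WWW-Authenticate: Basic realm=\"intranet, staff\"\r\n\r\n",
    "/": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html></html>",
}

if __name__ == "__main__":
    for path, schemes in integrated_auth_paths(SAMPLE).items():
        print(f"{path}: still offers {', '.join(schemes)}")
```

A path listed before the change is one that integrated auth is currently protecting; an empty result after the change means no captured path advertises NTLM or Negotiate any more.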
 
LVL 22

Expert Comment

by:cj_1969
ID: 24374293
Basically there are multiple types/levels of NTLM authentication (LM, NTLMv1 and NTLMv2) and the older versions of it are insecure.
Windows has a registry value in a range of 1-5 for the NTLM compatibility level.  To force an acceptable authentication level this value should be set to 3-5, 5 being the best.

This article describes the problem and details the various levels ... http://support.microsoft.com/kb/147706 
0
 

Expert Comment

by:npglobal
ID: 25701088
How can I check this issue "NTLM Auth Information Disclosure"?
0
