Solved

MICROSOFT IIS AUTHENTICATION ERROR INFORMATION DISCLOSURE - NTLM AUTHENTICATION

Posted on 2009-05-12
Last Modified: 2012-05-06
Hello,

The results of several of our computers are reflecting this error message from a recent penetration test: MICROSOFT IIS AUTHENTICATION ERROR INFORMATION DISCLOSURE - NTLM AUTHENTICATION.
The only Fix Info. it gives is that hosts running IIS 4 through 5.1 are properly configured and only authentication systems necessary for the environment are enabled.

My question: How and what settings need to be properly configured? I do not know what the settings need to be set at to make this risk go away. I have googled this for about 2 hours and really have not found anything.

Your assistance is greatly appreciated.
Question by:Dreams_of_skill
3 Comments
 
LVL 12

Accepted Solution

by:
jahboite earned 1000 total points
ID: 24372957
The correct fix for this information disclosure vulnerability, which is described fully in any of the top results of a Google search for the error message you posted, depends on whether you require any part of the website in question to be protected by an authentication system (e.g. username and password).

If those parts of the website you want protected are done so using a custom login form and sessions then you can safely disable Windows Integrated Authentication (i.e. stop using NTLM auth).  There's a Microsoft KB article at http://support.microsoft.com/kb/837139 which details the steps.

Before you do this, you need to be sure that the integrated auth is not currently protecting something you don't want to allow anonymous access to.
After you've done it, you'll want to re-run the pentest/vulnerability scan to make sure you caught the issue.

Let us know how you get on.
0
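A quick check to run alongside the rescan suggested in the answer above, added here as an example and not part of the original thread: it lists the authentication schemes a server advertises in its `WWW-Authenticate` headers and flags any the site does not need. The function names and the sample header values are assumptions constructed for illustration.

```python
import http.client
import re

# The two schemes that make up IIS Windows Integrated Authentication.
INTEGRATED = {"ntlm", "negotiate"}

def offered_schemes(header_values):
    """Return the auth schemes named in WWW-Authenticate header values."""
    schemes = set()
    for value in header_values:
        # One value may carry several challenges ('Negotiate, NTLM').
        # Blank out quoted strings so a comma inside a realm cannot split it.
        unquoted = re.sub(r'"[^"]*"', '""', value)
        for part in unquoted.split(","):
            words = part.split()
            # Parameters look like key=value; a scheme is a bare first token.
            if words and "=" not in words[0]:
                schemes.add(words[0].lower())
    return schemes

def audit(header_values, required=()):
    """Compare what the server offers with what the site needs."""
    offered = offered_schemes(header_values)
    needed = {s.lower() for s in required}
    return {
        "offered": sorted(offered),
        "unneeded": sorted(offered - needed),
        "integrated_auth_enabled": bool(offered & INTEGRATED),
    }

def fetch_challenges(host, path="/", port=80):
    """Read the status and WWW-Authenticate values from a server you run."""
    conn = http.client.HTTPConnection(host, port, timeout=10)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.headers.get_all("WWW-Authenticate") or []
    finally:
        conn.close()

# Constructed sample header sets, not captured from a real host.
BEFORE = ["Negotiate", "NTLM", 'Basic realm="intranet, staff"']
AFTER = []  # anonymous access with a forms login sends no challenge

if __name__ == "__main__":
    print("before:", audit(BEFORE, required=["Basic"]))
    print("after: ", audit(AFTER))
```

A path that is served anonymously returns no challenge at all, so point `fetch_challenges` at a protected path on your own server and treat an empty result as a complement to the rescan, not a replacement for it.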
 
LVL 22

Expert Comment

by:cj_1969
ID: 24374293
Basically there are multiple types/levels of NTLM authentication (LM, NTLMv1 and NTLMv2) and the older versions of it are unsecure.
Windows has a registry value in a range of 1-5 for the NTLM compatibility level.  To force an acceptable authentication level this value should be set to 3-5, 5 being the best.

This article describes the problem and details the various levels ... http://support.microsoft.com/kb/147706 
0
 

Expert Comment

by:npglobal
ID: 25701088
How can I check this issue, "NTLM Auth Information Disclosure"?
0

Question has a verified solution.