The results of several of our computers are reflecting this error message from a recent penetration test: MICROSOFT IIS AUTHENTICATION ERROR INFORMATION DISCLOSURE - NTLM AUTHENTICATION.
The only Fix Info. it gives that hosts running IIS 4 through 5.1 are properly configured and only authentication systems necessary for the environment are enabled.
My question: How and what settings need to be properly configured. I do not know what the settings need to be set at to make this risk go away. I have googled this for about 2 hours and really have not found anything.
Your assistance is greatly appreciated.