NTLMv1 Feature Request

From Jason Kent:

next time you update the windows auditing script, would you consider adding checks for NTLMv1?

Microsoft defines five security levels, the ideal configuration is NTLMv2 only

These levels can be configured via the Group Policy setting Network Security: LAN Manager Authentication Level under Computer Configuration => Windows Settings => Security Settings => Local Policies => Security Options.
Group Policy setting for NTLM security levels

![Image](https://github.com/user-attachments/assets/14727751-f213-4f72-89c1-f1a90e17df24)

The initial four levels specify the protocol requested by the clients. The numbering begins at zero, corresponding to the value of the respective registry key:
Send LM and NTLM responses
Send LM and NTLM (use NTLMv2 session security if negotiated)
Send NTLM response only
Send NTLMv2 response only

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

NTLMv1 Feature Request #28

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

NTLMv1 Feature Request #28

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions