dovecot - Feb 2008 - Dovecots default NTLM Version

Hi,
I'm not sure what NTLM version is used as default by authentication between
Outlook and dovecot and I couldn't find it out with a packet sniffer.

I think its NTLMv2 but I'm not sure so I'm asking here.

I know that NTLMv1 is not secure against a man in the middle.
_____________________________________________________________________
Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
http://smartsurfer.web.de/?mc=100071&distributionid=000000000066

On Feb 24, 2008, at 11:21 PM, hever at web.de wrote:
> I'm not sure what NTLM version is used as default by authentication  
> between Outlook and dovecot and I couldn't find it out with a packet  
> sniffer.
>
> I think its NTLMv2 but I'm not sure so I'm asking here.
>
> I know that NTLMv1 is not secure against a man in the middle.
I didn't write the NTLM code, but as far as I understand it, NTLMv2 is  
used if both client and server negotiates it. But then again I'd think  
a MITM could force v1 to be negotiated and then attack that, so it  
doesn't seem all that secure that way either.. Maybe it's prevented in  
some way.

I think the password hashes also affect this somehow. Maybe NTLM  
passwords work for v2 and LM passwords for v1?

Maybe Andrey can shed some light into this? :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20080225/d479d3f8/attachment-0002.bin>