Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
This value impacts applications, from the point of view of the server, that use the NTLM SSP or secure RPC and specifies session security requirements for communication between the client and server.
| Hex value | Check box | Meaning |
|---|---|---|
| 0x0 | None checked | None. No security is used for session security. |
| 0x10 | Require message integrity | Message integrity. If the value of either this entry or the NtlmMinServerSec entry is 0x10, then the connection will fail unless message integrity is negotiated. |
| 0x20 | Require message confidentiality | Message confidentiality. If the value of either this entry or the NtlmMinServerSec entry is 0x20, then the connection will fail unless message confidentiality is negotiated. |
| 0x80000 | Require NTLMv2 session security | NTLMv2 session security. If the value of either this entry or the NtlmMinServerSec entry is 0x80000, then the connection will fail unless NTLMv2 session security is negotiated. |
| 0x20000000 | Require 128-bit encryption | 128-bit encryption. If the value of either this entry or the NtlmMinServerSec entry is 0x20000000, then the connection will fail unless 128-bit encryption is negotiated. |
As best I can tell, this setting will primarily impact secure RPC communications such as between Outlook and Exchange when authenticating via NTLM.
Unanswered questions: how do these settings affect SMB traffic or do they? Do these settings apply to all RPC traffic, only secure RPC traffic or just secure RPC traffic authenticated via NTLM instead of Kerberos? How do these settings affect traffic sent via the Kerberos SSP? If they don’t, how do you set similar requirements for Kerberos SSP?
Underlying registry key and value
Key: HKLM\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
Value: NtlmMinClientSec
Data type: REG_DWORD
Range: 0x0 | 0x10 | 0x20 | 0x80000 | 0x20000000
Default value: 0x0
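The following PowerShell is an added example, not part of the original article: it reads the registry value and decodes it into the check boxes from the table above, reporting any bits outside the four listed flags. The function names are hypothetical, and it assumes the listed values combine as bit flags and that NtlmMinServerSec sits in the same MSV1_0 key as NtlmMinClientSec.

```powershell
# Added example: decode an NtlmMinClientSec / NtlmMinServerSec DWORD into the
# check boxes from the table above. Flag values are the ones listed on this page.
$FlagTable = @(
    @{ Bit = 0x10;       Name = 'Require message integrity' }
    @{ Bit = 0x20;       Name = 'Require message confidentiality' }
    @{ Bit = 0x80000;    Name = 'Require NTLMv2 session security' }
    @{ Bit = 0x20000000; Name = 'Require 128-bit encryption' }
)

function ConvertFrom-NtlmMinSec {
    param([Parameter(Mandatory)][int64]$Value)
    $Value = $Value -band 4294967295      # treat the DWORD as unsigned
    $known = [int64]0
    $set = foreach ($f in $FlagTable) {
        $known = $known -bor $f.Bit
        if ($Value -band $f.Bit) { $f.Name }
    }
    [pscustomobject]@{
        Hex         = '0x{0:X}' -f $Value
        CheckBoxes  = if ($set) { $set -join '; ' } else { 'None checked' }
        # Bits outside the four documented flags; nonzero deserves a closer look
        UnknownBits = '0x{0:X}' -f ($Value -band (-bnot $known))
    }
}

function Get-NtlmMinSec {
    param([string]$Name = 'NtlmMinClientSec')
    # Assumption: the server value lives in the same key as the client value
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
    $prop = Get-ItemProperty -Path $key -Name $Name -ErrorAction SilentlyContinue
    # Value absent: fall back to the default the page lists (0x0)
    $raw  = if ($null -ne $prop) { $prop.$Name } else { 0 }
    ConvertFrom-NtlmMinSec -Value $raw |
        Add-Member -NotePropertyName Setting -NotePropertyValue $Name -PassThru
}

# Constructed sample value: two boxes combined with a bitwise OR
ConvertFrom-NtlmMinSec -Value 0x20080000

# Live read of the client value and of its server counterpart
'NtlmMinClientSec', 'NtlmMinServerSec' | ForEach-Object { Get-NtlmMinSec -Name $_ }
```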
Excellent sources for more information on NTLM: http://davenport.sourceforge.net/ntlm.html by Eric Glass and http://www.microsoft.com/technet/technetmag/issues/2006/08/SecurityWatch/ by Jesper Johansson.