stackoom
  简体   繁体   中英

Is Windows Authentication (NTLM) on Windows Server 2008 R2 secure for Sharepoint 2010?

 原文  2011-08-12 12:51:52       sharepoint/ iis/ authentication/ encryption/ ntlm

Question

Is it generally considered secure to use Windows NTLM Authentication for Sharepoint 2010 on a Windows 2008 R2 server?

This Sharepoint install WILL BE exposed to the Internet.
Is NTLM in 2008 R2 sent as clear text, or some otherwise easily defeat-able encryption?

I want to be sure we aren't making ourselves vulnerable by this authentication method.

My gut says forms authentication with SSL would be best.

Comments?

1 answers

solution1
 1 ACCPTED  2011-08-12 15:14:28

Your gut is leading you in the right direction. NTLMv2 can be vulnerable to an attack known as a forwarding attack where an interloper could set up a proxy between your client and server and hijack an authenticated session.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Windows server 2008 OR 2008 R2 SP1 for SharePoint 2010 Is it possible to install SharePoint 2010 Server on the same Windows Server 2008 R2 machine with AD role installed? How to install sharepoint server on windows server 2012 r2 steps Deploy Web Part Into windows server 2008 R2 Microsoft.ACE.OleDB.12.0 + Windows Server 2008 R2 + Spreadsheet being accessed via UNC path into SharePoint = :( How to debug SharePoint stored procedures with Visual Studio 2010 on SQL Server 2008 R2? Accessing sharepoint in R with windows authentication SharePoint Installation Problem on Windows Server 2008 Problem Deploying Report Parts into SharePoint 2010 Integrated SSRS 2008 R2 Instance SharePoint 2010 and SQL Server 2008
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM