Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Manually Configuring NTLMv2 Authentication to Prevent Scan Failures

 

You must manually configure the credentialed scans that you run against assets that use Microsoft New Technology LAN Manager version 2 (NTLMv2) so that you can prevent the scans from failing.

When you run a credentialed scan against a Windows asset that uses the LAN Manager Authentication Level of "Send NTLMv2 response only. Refuse LM and NTLM", some of the scan tools can fail authentication

A yellow warning triangle is displayed for the asset, and a local checks error vulnerability is raised. Running the scan multiple times can result in locking the user account out of the asset.

To prevent the scans that you run against assets that use NTMLv2 from failing, manually enable NTMLv2 authentication in the following files on the QVM Scanner:

  • /opt/qvm/etc/smb.conf

  • /opt/qvm/etc/smb.conf.smbv1

  • /opt/qvm/etc/smb.conf.smbv2

Open each of these files and add the following line: client ntlmv2 auth = yes