Manually Configuring NTLMv2 Authentication to Prevent Scan Failures
You must manually configure the credentialed scans that you run against assets that use Microsoft New Technology LAN Manager version 2 (NTLMv2) so that you can prevent the scans from failing.
When you run a credentialed scan against a Windows asset that
uses the LAN Manager Authentication Level of "Send NTLMv2
response only. Refuse LM and NTLM
", some of the scan
tools can fail authentication
A yellow warning triangle is displayed for the asset, and a local checks error vulnerability is raised. Running the scan multiple times can result in locking the user account out of the asset.
To prevent the scans that you run against assets that use NTMLv2 from failing, manually enable NTMLv2 authentication in the following files on the QVM Scanner:
/opt/qvm/etc/smb.conf
/opt/qvm/etc/smb.conf.smbv1
/opt/qvm/etc/smb.conf.smbv2
Open each of these files and add the following line: client ntlmv2 auth = yes