Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

  • Mark to send out a strawman endorsement statement that the group will iterate on in email.
  • Brian to clarify whether one can tell the difference between NTLM v1 and v2 in the logs. 
  • David to draft an alternative means statement about NTLMv2 and RC4/HMAC.
  • Ron to draft a statement about client caching of credentials.
  • Ron will look into whether SysKey uses approved algorithms.

Notes

Alternative Means: Monitor and Mitigate

For those with a different case, this provides enough of a template that others can use to address their own use case. Chicago to submit it, endorsed by those on the AD-Assurance call that approved it (and others that follow suit on email).  AI - Mark to send out a strawman endorsement statement that the group will iterate on in email. Ron will then add this statement to his proposal and send to the AAC.

Next Steps on Cookbook

Eric's proposal

...