Forum Discussion

Artem_Pavlyuchik's avatar
Artem_Pavlyuchik
Copper Contributor
Nov 30, 2021

How to identify devices which are using deprecated NTLMv1 protocol inside corporate network

I'm trying to find endpoints with NTLMv1 authentications over the network to examine the possibility of using NTLMv2 instead previous one. Eventually, I'm going to ban authentication over NTLMv1.

 

I examined NTLM/Operational log but the events from it don't represent the required info (it consists solely of generic info about NTLM using without any granulations).

 

Does anybody have any approach to how it is possible to do that?

 

No RepliesBe the first to reply

Resources