Manually configuring NTLMv2 authentication to prevent scan failures
You must manually configure the credentialed scans that you run against assets that use Microsoft New Technology LAN Manager version 2 (NTLMv2) so that you can prevent the scans from failing.
About this task
When you run a credentialed scan against a Windows asset
that uses the LAN Manager Authentication Level of "Send NTLMv2 response only. Refuse LM and
NTLM", some of the scan tools can fail authentication. A yellow warning triangle is
displayed for the asset, and a local checks error vulnerability is raised. Running the scan multiple
times can result in locking the user account out of the asset.
To prevent the scans that you run against assets that use NTMLv2 from failing, manually enable
NTMLv2 authentication in the following files on the QVM Scanner:
/opt/qvm/etc/smb.conf/opt/qvm/etc/smb.conf.smbv1/opt/qvm/etc/smb.conf.smbv2
Procedure
Open each of these files and add the following line:
client ntlmv2 auth =
yes