Ping a Specific Port

Question

tonyyeb

Asked: 2010-12-17 07:19:40 +0800 CST2010-12-17 07:19:40 +0800 CST 2010-12-17 07:19:40 +0800 CST

Does integrated authentication in IIS pass the username and password in plain text when outside an Intranet?

772

We have a SharePoint 2007 server which is completely stand alone from the rest of the network. It is it's own Domain Controller for it's own Forest (Windows Server 2008). It is available to the Internet. The IIS security setting is Integrated Authentication but when a user is prompted for their credentials when trying to access from outside the Domain, will their username and password be passed in basic text or encrypted somehow?

Thanks

1 Answers

Voted

Chris S · Answer 1 · 2010-12-17T07:23:15+08:00

Best Answer

Chris S

2010-12-17T07:23:15+08:002010-12-17T07:23:15+08:00

Integrated will only use Kerberos V5 or NTLM. Both are protected means of authentication, though I'd hesitate to call it encrypted; nothing else in the exchange will be secured. Use SSL to ensure encryption.

1

Does integrated authentication in IIS pass the username and password in plain text when outside an Intranet?

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?