Pass-The-Hash: Protect Your Windows Computers! (Part 3)

by Derek Melber
Sept. 1, 2017 0 comments TechGenix malware

Now that we are in the third installment of this article topic and series, I am sure you have been getting a bit anxious to learn all you can about Pass the Hash (PTH) and the methods to reduce the effects of this attack. In the first article we discussed the overview of PTH, describing methods to help protect your Windows computers from this attack. In the second article we discussed some of the GPO options that can be set to reduce the overall effects of PTH. As mentioned many times, there is no silver bullet to eliminate the risk of PTH, however, taking precautions to reduce the risk can go a long way. Since PTH first must gain local admin privileges to the computer, that is where we started with article 2 and setting GPO policies to reduce this ability for the attack. Now, we are moving on in this article to discuss how to remove LANManager, which is a very old authentication protocol which is easily hacked and attacked.