Earlier this month security expert Matt Weeks blogged about Attacking Windows Fallback Authentication.


The blog post and white paper are quick to the point with a nice refresher on Windows Authentication and a few new tricks about attacking Windows Authentication.


Sometimes too, we forget about the basics.  Accessing a Windows resource by IP address will default fallback to NTLM authentication.  Similarly a Windows workgroup machine is limited to NTLM authentication.


Matt goes on to make the case about why NTLM authentication is a higher risk... especially important if you are an administrator.


Perhaps friends can help friends connect to PI Servers by name!




Full Disclosure: Root9B is an OSIsoft partner.