1. Invalid credentials
2. Expired credentials
3. Service accounts using unsupported protocols
- For example: NTLMv1 was disabled in the authentication record, but the Windows system against which authentication was performed supports only NTLMv1
4. Authenticating against custom OSes
- Mostly, only standard OSes are supported by scanning vendors
5. Scanner not able to identify OS
6. In the case of Qualys, IPs have to be added to authentication records; otherwise the scanner will not attempt authentication against those IPs (not always the case, though)
7. Windows authentication uses (NULL) despite having a correct authentication record
- If the authentication process takes too long, it ultimately times out, causing authentication on the target to fall back to (NULL) authentication
8. Bug in protocols used for authentication (OpenSSH version 7.2/3 had a bug that caused servers to incorrectly report signature algorithms)
9. Firewall blocking ports such as 139, 445, 22, 23, etc. (correlated with point no. 5)
Let us know in the comments about any other authentication-related issues you have faced in your org(s).
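A pre-scan reachability check for the ports in point 9, as an added example that is not part of the original post. The target address is a placeholder from the documentation range, and the state names and the wording returned by `diagnose` are this example's own.

```python
import socket

# Ports named in point 9, with the protocol each one normally carries.
AUTH_PORTS = {139: "NetBIOS session", 445: "SMB", 22: "SSH", 23: "Telnet"}


def probe(host, port, timeout=3.0):
    """TCP connect from the scanner's vantage point.

    'open'     = handshake completed
    'closed'   = RST came back: host reachable, nothing listening
    'filtered' = timeout or unreachable: typically a firewall drop
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes socket.timeout and host/network unreachable
        return "filtered"
    finally:
        sock.close()


def diagnose(states):
    """Turn {port: state} into a one-line finding for the scan owner."""
    if all(state == "filtered" for state in states.values()):
        # Nothing answers at all, which is also when OS detection (point 5) fails.
        return "all filtered: firewall or routing drops scanner traffic"
    reachable = sorted(p for p, state in states.items() if state == "open")
    if not reachable:
        return "host answers but no authentication service is listening"
    return "reachable: " + ", ".join(
        f"{p} ({AUTH_PORTS.get(p, 'unknown')})" for p in reachable
    )


if __name__ == "__main__":
    target = "192.0.2.10"  # placeholder (documentation range); use a host you scan
    states = {port: probe(target, port) for port in AUTH_PORTS}
    for port, state in states.items():
        print(f"{target}:{port:<4} {AUTH_PORTS[port]:<16} {state}")
    print(diagnose(states))
```

Run it from the scanner appliance's network segment, since the result only describes the path from the machine it is executed on.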
Happy Learning !!