If you use LM there are two vulnerabilities. It would be very easy for someone to
crack passwords stored on a domain controller IF they could get physical access to
them or a backup that includes the Active Directory database. The other vulnerability
is that LM hashes can be sniffed off of the network wire and possibly cracked by
some malicious user on your network. However, unless you have W9X clients without
Directory Services Client installed, LM will not be used for regular authentication
and either NTLMv2 or Kerberos will be used. So realistically your risk could be
minimal as long as domain administrator passwords are not used in situations where the LM
hash would be used and your domain controllers and backups are physically
secure.

--- Steve
http://www.sans.org/top20/#w3
http://web.mit.edu/pismere/support/for-cont-admins/security-info/ntlm.html
http://www.winnetmag.com/Articles/Index.cfm?ArticleID=3844&pg=3
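
A local check for the two exposures described in the post above (stored LM hashes and LM on the wire), added here as an example and not part of the original post. The function name `Get-LmExposure` is hypothetical; `NoLMHash` and `LmCompatibilityLevel` are standard Windows LSA registry values that the post itself does not name.

```powershell
# Added example, not from the original post. Reads the local LSA settings that
# govern LM hash storage and LM use in network authentication.
function Get-LmExposure {
    $key   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $props = Get-ItemProperty -Path $key -ErrorAction Stop

    # Read each value defensively: a missing value means the OS default applies.
    $noLm  = $props.PSObject.Properties['NoLMHash']
    $level = $props.PSObject.Properties['LmCompatibilityLevel']
    $noLmValue  = if ($noLm)  { [int]$noLm.Value }  else { $null }
    $levelValue = if ($level) { [int]$level.Value } else { $null }

    # Exposure 1: LM hashes kept in the account database (and in its backups).
    $storage = if ($null -eq $noLmValue) {
        'NoLMHash not set: OS default applies, verify for this Windows version'
    } elseif ($noLmValue -eq 1) {
        'LM hash not stored at password change; older hashes remain until changed'
    } else {
        'LM hash is stored at each password change'
    }

    # Exposure 2: LM responses sent by this machine or accepted by it as a DC.
    $network = if ($null -eq $levelValue) {
        'LmCompatibilityLevel not set: OS default applies, verify for this Windows version'
    } else {
        switch ($levelValue) {
            { $_ -le 1 } { 'Sends LM and NTLM responses'; break }
            2            { 'Sends NTLM only; as a DC still accepts LM'; break }
            3            { 'Sends NTLMv2 only; as a DC still accepts LM'; break }
            4            { 'Sends NTLMv2 only; as a DC refuses LM'; break }
            default      { 'Sends NTLMv2 only; as a DC refuses LM and NTLM' }  # level 5
        }
    }

    [pscustomobject]@{
        Computer             = $env:COMPUTERNAME
        NoLMHash             = $noLmValue
        LmCompatibilityLevel = $levelValue
        StoredHashes         = $storage
        NetworkAuth          = $network
    }
}

Get-LmExposure | Format-List
```

Turning on `NoLMHash` does not remove LM hashes that are already stored; each account keeps its old hash until its password is next changed.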