Aug 13, 2013

Work behind a proxy with authentication

If you work in a big company you can find mostly all the times that you're required to pass through a proxy with a given personal user and password to be able to access the internet. Many times is as easy as configuring all the parameters in the browser's options, but for aplications limited to just use proxy or not, you might have some trouble making them work. This is when Cntlm comes handy.

Whats Cntlm?

Cntlm is an NTLM authenticating proxy, that can work as middle man between your PC and the company's proxy. This way you can let Cntlm handle the authentication with the proxy while you just point your aplications to Cntlm address.

Configuration

First of all, you need to open the cntlm.ini file, located in C:\Program Files\Cntlm and complete the following:
Username    test_user
Domain      company_domain
Password    user_password
Proxy       proxyaddress:port
Save the file and start or restart Cntlm service.

Cntlm should be working by now, but the user password isn't really secure since its inside a plain text filed... To avoid taking risks, we can use Cntlm to encode our password using the following:
C:\Program Files\Cntlm>cntlm -M http://www.google.com
Password:
Config profile  1/4... OK (HTTP code: 302)
----------------------------[ Profile  0 ]------
Auth            NTLMv2
PassNTLMv2      98D6986BCFA9999E41698C1686B58A09
------------------------------------------------
Copy/paste last two lines and comment (add # before) the password line.

Now we have our local proxy running in 127.0.0.1:3128, so we just need to change the browser and/or aplication options to point to our local proxy instead.