Re: enumerate NT/Win2k users from a linux machine

From: Ulrich Keil (ulrich@der-keiler.de)
Date: 07/24/01 

Date: Tue, 24 Jul 2001 00:36:31 -0000
To: <Cyber-Cop1@excite.com>
Subject: Re: enumerate NT/Win2k users from a linux machine
From: "Ulrich Keil" <ulrich@der-keiler.de>
Message-Id: <20010724003631.CFEE9138C1@mail.der-keiler.de>

Hi Chris!

If I understad your concerns right (don't know exactly, my english is not to
good), then your problem is not really a pen-test problem, but a linux/windows
problem.

If you want to have access to the login-ID's of your Windows-Servers, then you
have with Win2k a very good chance to solve this problem relativly easy.

You just have to set up an LDAP (e.g. OpenLDAP)-Server, which acts as a proxy
between your Linux-Workstations and the "Directory-Service" of your
Windows-Servers.

With this solution, it is also possible to do not just normal querys against
the Win2k-LDAP-Server, but also the authentification of the UNIX-Clients via
pam_ldap (but who really wants to do this!).

Ulrich Keil
Want to double your drive-space? Delete Windows!

Chris Barber wrote:

>Hi all;
>
>I have a client that uses primarily Linux workstations for the end users.
>They use NT and Win2K servers for the storage of many networked applications
>and data. One of the concerns they have is if users on the network would be
>able enumerate the login IDs on the NT/Win2k servers from the Linux
>workstations. I have not seen anything on the net lately that would do this
>but I thought I would ask those who do this kind of thing all of the time.
>I am not Pen-tester by trade but I do dabble from time to time (when I have
>some, time that is).
>
>Can anyone lend a hand?
>
>Thnaks
>
>Chris

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Relevant Pages

  • RE: enumerate NT/Win2k users from a linux machine
    ... enumerate NT/Win2k users from a linux machine ... > This list is provided by the SecurityFocus Security Intelligence ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • RE: OpenSSH (version < 3.4p1) && linux
    ... This advisory from OpenSSH should help clear this up: http://www.openssh.com/txt/preauth.adv ... It seems there is much debate on whether linux based hosts are ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • OpenSSH (version < 3.4p1) && linux
    ... It seems there is much debate on whether linux based hosts are ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... automatically alerts you to the latest security vulnerabilities please see: ...
    (Pen-Test)
  • Re: linux l0pht
    ... > Does anyone know of a port of l0pht crack to linux? ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: enumerate NT/Win2k users from a linux machine
    ... enumerate NT/Win2k users from a linux machine ... > I have a client that uses primarily Linux workstations for the end users. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)