Re: Network Security Assessment - 2nd edition

doug_at_securityfocus.com
Date: 11/15/05

  • Next message: robert_at_dyadsecurity.com: "Re: Nmap scanning speed" 
    Date: 15 Nov 2005 15:22:53 -0000
To: pen-test@securityfocus.com
    ('binary' encoding is not supported, stored as-is) Chris;

    Might I suggest as an update to your Windows Chapter, a section on Active Directory and using AD tools such as dsquery, dsget, enumprop,
    dnscmd, nltest, & ntdsutil to query AD servers for information. These tools can be found in the various Microsoft Support/Resource Kits and
    also on Win2003 servers.

    I have found these tools extremely useful during assessments, especially when a network is blocking typical netbios ports. Most of these tools
    run their queries over LDAP (TCP/389).

      Some of the tools and queries require privilege, some will work with either a Null session or without any connection at all. The Active
    Directory Cookbook has more information on these tools.

    One query that requires no authentication is:
    c:\>enumprop "LDAP://RootDSE"

    I look forward to your updated book.

    Sincerely,

    Douglas Ford
    ---------------------
    CSRgroup LLC
    www.csr-group.com

    ------------------------------------------------------------------------------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    -------------------------------------------------------------------------------

  • Next message: robert_at_dyadsecurity.com: "Re: Nmap scanning speed"

    Relevant Pages

    • looking for tools/scripts to clean up unused AD accounts
      ... - Active Directory is one of the key repositories for system and user accounts. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)
    • Re: Distribution Lists
      ... How the website formats the data is yet to be determined: ... > information from a website into a distribution group in Active Directory ... > Microsoft Online Partner Support ...
      (microsoft.public.exchange.admin)
    • Re: ASP.NET and Active Directory
      ... > We've now been asked to integrate with active directory so that users on ... > userid (which should match the old website login). ... switch from anonymous to Integrated Windows in the IIS server. ... you will also need to use "Integrate Windows security option" ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Documentation and adding users
      ... Then you manage all users in Active Directory. ... What I would like is to be able to print the html ... > help file, or of some ... >>..doc file on MS website that contains this information? ...
      (microsoft.public.sharepoint.windowsservices)
    • Re: Time drift when W32Time service enableed
      ... Hi Simon, I haven't seen a drift issue that bad, but I'd be careful ... using third party tools if you are using Active Directory, ... - Ticket acceptance attacks ...
      (microsoft.public.windows.server.general)