Re: How do I prevent the use of tools like Hyena from gaining info

From: Srikrishna Komatineni (srikrishnak_at_hotmail.com)
Date: 06/19/05

• Next message: Roger Abell: "Re: How do I prevent the use of tools like Hyena from gaining info"
• Previous message: Ferdie: "Re: Service accounts best practices"
• In reply to: ArizonaRay: "How do I prevent the use of tools like Hyena from gaining info"
• Next in thread: Roger Abell: "Re: How do I prevent the use of tools like Hyena from gaining info"
• Reply: Roger Abell: "Re: How do I prevent the use of tools like Hyena from gaining info"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 19 Jun 2005 17:49:28 +0800

My personnel observation when Microsoft remote registry service and Netbios
are running a user with even just guest rights can scan the network to get a
lot of information such as the shares,user id's, password policy,services
running etc....

"ArizonaRay" <ArizonaRay@discussions.microsoft.com> wrote in message
news:87A568C5-E256-474C-92CC-C272BB732E27@microsoft.com...
> OK. Our IT Auditors just visted us and with a wealth of information
> concerning our AD Domain Accounts, Member Server, info, etc. Fortunately,
> I
> am friendly with one the Auditors and was able find out they obtained this
> information. They obtained the information using a tool called "Hyena".
> They were able to gather a lot of information with tool, with no elevated
> user rights, just domain user accounts? My question is "How do I prevent
> ordinary users from using such tools to gain information from our
> network?"
> I find this to be serious security risk, in that anyone with access to our
> network can get such information.
>

• Next message: Roger Abell: "Re: How do I prevent the use of tools like Hyena from gaining info"
• Previous message: Ferdie: "Re: Service accounts best practices"
• In reply to: ArizonaRay: "How do I prevent the use of tools like Hyena from gaining info"
• Next in thread: Roger Abell: "Re: How do I prevent the use of tools like Hyena from gaining info"
• Reply: Roger Abell: "Re: How do I prevent the use of tools like Hyena from gaining info"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: How do I prevent the use of tools like Hyena from gaining informat ... Mitch Tulloch, MVP Windows Server ... Our IT Auditors just visted us and with a wealth of information ... > user rights, just domain user accounts? ... > network can get such information. ... (microsoft.public.windows.server.security) How do I prevent the use of tools like Hyena from gaining informat ... Our IT Auditors just visted us and with a wealth of information ... concerning our AD Domain Accounts, Member Server, info, etc. ... network can get such information. ... (microsoft.public.windows.server.security) How do I prevent the use of tools like Hyena from gaining info ... Our IT Auditors just visted us and with a wealth of information ... concerning our AD Domain Accounts, Member Server, info, etc. ... network can get such information. ... (microsoft.public.windows.server.security) How do I prevent the use of tools like Hyena from gaining info ... Our IT Auditors just visted us and with a wealth of information ... concerning our AD Domain Accounts, Member Server, info, etc. ... network can get such information. ... (microsoft.public.win2000.security) Audit User Accounts ... I need to create a list of domain user accounts showing ... the last time they logged-on to the network. ... (microsoft.public.win2000.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint