From: doug@securityfocus.com
Date: Tue Nov 15 2005 - 10:22:53 EST
Might I suggest as an update to your Windows Chapter, a section on Active Directory and using AD tools such as dsquery, dsget, enumprop,
dnscmd, nltest, & ntdsutil to query AD servers for information. These tools can be found in the various Microsoft Support/Resource Kits and
also on Win2003 servers.
I have found these tools extremely useful during assessments, especially when a network is blocking typical netbios ports. Most of these tools
run their queries over LDAP (TCP/389).
Some of the tools and queries require privilege, some will work with either a Null session or without any connection at all. The Active
Directory Cookbook has more information on these tools.
One query that requires no authentication is:
c:\>enumprop "LDAP://RootDSE"
I look forward to your updated book.
Sincerely,
Douglas Ford
---------------------
CSRgroup LLC
www.csr-group.com
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:10 EDT