Re: Network Security Assessment - 2nd edition

From: doug@securityfocus.com
Date: Tue Nov 15 2005 - 10:22:53 EST


('binary' encoding is not supported, stored as-is) Chris;

Might I suggest as an update to your Windows Chapter, a section on Active Directory and using AD tools such as dsquery, dsget, enumprop,
dnscmd, nltest, & ntdsutil to query AD servers for information. These tools can be found in the various Microsoft Support/Resource Kits and
also on Win2003 servers.

I have found these tools extremely useful during assessments, especially when a network is blocking typical netbios ports. Most of these tools
run their queries over LDAP (TCP/389).

  Some of the tools and queries require privilege, some will work with either a Null session or without any connection at all. The Active
Directory Cookbook has more information on these tools.

One query that requires no authentication is:
c:\>enumprop "LDAP://RootDSE"

I look forward to your updated book.

Sincerely,

Douglas Ford
---------------------
CSRgroup LLC
www.csr-group.com

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:10 EDT