Penetration Testing mailing list archives
Re: [PEN-TEST] RAS PT
From: H Carvey <keydet89 () YAHOO COM>
Date: Fri, 6 Oct 2000 17:54:40 -0000
Starting w/ the Pen Test part of the question first... Pen testing an NT box is both fun and easy. Check the base o/s for services...if port 139 is open, perform null session enumeration. This will give you a lot of information that you can use to plan your advance into the box itself...usernames, user last logon times, etc. You can even get the main Admin account, even if they've changed the name...and you can see what accounts are disabled, what groups the accounts are in, etc. You can also get the Domain Account Policy...which will tell you the account lockout threshold. From there, you can attempt brute force login attempts...start w/ blank, "password", the username, etc.

Then check for other services...web server, FTP, anything else. Also look for trojans, VNC, pcAnywhere, etc.

Securing an NT box:

1. Registry settings.
2. ACLs on files/dirs, Reg keys, shares, etc.
3. Disable all unused and unnecessary services. If you don't need file sharing, turn off the Server service.
4. Enable strong password functionality.
5. Enable auditing...in a way that makes sense for the box. Then set up a process for collecting, reviewing and archiving the EventLogs.
6. Only give accounts the level of access they need. If you have someone who is an Account Operator, audit User and Group Acct Management.

A lot, if not all of this...pen testing, exploiting, and securing...can be done via Perl. For an excellent example of this, go to the ForixNT site at http://www.forixnt.com. There are free tools available, as well. Check it out.
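An added example, not part of the original post: one way to carry out the EventLog review in step 5 so that it catches password guessing that stays below the account lockout threshold, by flagging any source that fails logons against several accounts in a short window. The record layout, workstation names, function name and default window are assumptions, and the sample records are constructed.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

FAILED_LOGON = 529  # NT Security log: unknown user name or bad password

# Constructed sample export: (time, event ID, target account, source workstation)
SAMPLE_EVENTS = [
    ("2000-10-06 09:00:01", 529, "Administrator", "WKS-17"),
    ("2000-10-06 09:00:05", 529, "Administrator", "WKS-17"),
    ("2000-10-06 09:00:09", 529, "jsmith", "WKS-17"),
    ("2000-10-06 09:00:13", 529, "jsmith", "WKS-17"),
    ("2000-10-06 09:00:20", 529, "backup", "WKS-17"),
    ("2000-10-06 09:00:24", 529, "backup", "WKS-17"),
    ("2000-10-06 09:02:00", 528, "jsmith", "WKS-04"),  # successful logon, ignored
    ("2000-10-06 09:05:00", 529, "mjones", "WKS-22"),  # isolated mistyped password
    ("2000-10-06 11:30:00", 529, "mjones", "WKS-22"),
]

def find_password_guessing(events, lockout_threshold, window_minutes=10, min_accounts=3):
    """Flag sources whose failed logons hit min_accounts or more accounts
    inside one sliding window. under_threshold is True when every account
    stayed below the lockout threshold, so no lockout would have fired."""
    by_source = defaultdict(list)
    for stamp, event_id, account, source in events:
        if event_id == FAILED_LOGON:
            when = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
            by_source[source].append((when, account.lower()))

    window = timedelta(minutes=window_minutes)
    findings = {}
    for source, failures in by_source.items():
        failures.sort()
        recent = deque()  # failures from this source inside the current window
        for when, account in failures:
            recent.append((when, account))
            while when - recent[0][0] > window:
                recent.popleft()
            counts = Counter(acct for _, acct in recent)
            busiest = findings.get(source, {"total": 0})["total"]
            if len(counts) >= min_accounts and len(recent) > busiest:
                findings[source] = {
                    "total": len(recent),
                    "failures": dict(counts),
                    "under_threshold": max(counts.values()) < lockout_threshold,
                }
    return findings

if __name__ == "__main__":
    for source, detail in find_password_guessing(SAMPLE_EVENTS, lockout_threshold=3).items():
        print(source, detail)
```

Pass the lockout threshold from the box's own account policy; a flagged source with under_threshold set is one the lockout counter alone would never have surfaced.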