Re: enumerate NT/Win2k users from a linux machine

["Ulrich Keil" <ulrich () der-keiler de>]

Hi Chris!

If I understad your concerns right (don't know exactly, my english is not to
good), then your problem is not really a pen-test problem, but a linux/windows
problem.

If you want to have access to the login-ID's of your Windows-Servers, then you
have with Win2k a very good chance to solve this problem relativly easy.

You just have to set up an LDAP (e.g. OpenLDAP)-Server, which acts as a proxy
between your Linux-Workstations and the "Directory-Service" of your
Windows-Servers.

With this solution, it is also possible to do not just normal querys against
the Win2k-LDAP-Server, but also the authentification of the UNIX-Clients via
pam_ldap (but who really wants to do this!).

Ulrich Keil
Want to double your drive-space? Delete Windows!


Chris Barber wrote:

> Hi all; 
>
> I have a client that uses primarily Linux workstations for the end users. 
> They use NT and Win2K servers for the storage of many networked applications 
> and data. One of the concerns they have is if users on the network would be 
> able enumerate the login IDs on the NT/Win2k servers from the Linux 
> workstations. I have not seen anything on the net lately that would do this 
> but I thought I would ask those who do this kind of thing all of the time. 
> I am not Pen-tester by trade but I do dabble from time to time (when I have 
> some, time that is). 
>
> Can anyone lend a hand? 
>
> Thnaks 
>
> Chris 

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/