Security Basics mailing list archives
Re: hacking win2kPro out of the box
From: H Carvey <keydet89 () yahoo com>
Date: 6 Dec 2004 11:38:54 -0000
In-Reply-To: <285472c90412030724661edaf9 () mail gmail com>
Does anyone have any information on common attacks for local priviledge escalation, and ways to secure against these?
Google is your friend: http://www.google.com/search?hl=en&q=%22Windows+2000%22+OR+%22Win2K%22+AND+%22privilege+escalation%22 Also, Google for "ntpasswd".
The sort of thing I'm looking for is a detail of an attack, followed by the procedure(s) I would use to: a) recover from it if neccessary b) thwart future attacks of it's type.
The answer for "b" is easy...secure local access, in particular, physical access to the system.
I basically want to swap roles between hacker and sysadmin so I can learn more about the best of both worlds.
Again, start w/ Google. H. Carvey "Windows Forensics and Incident Recovery" http://www.windows-ir.com
Current thread:
- hacking win2kPro out of the box q q (Dec 03)
- RE: hacking win2kPro out of the box Philip Wagenaar (Dec 06)
- Re: hacking win2kPro out of the box xyberpix (Dec 06)
- <Possible follow-ups>
- Re: hacking win2kPro out of the box H Carvey (Dec 06)
- Re: hacking win2kPro out of the box miguel . dilaj (Dec 06)
- Re: hacking win2kPro out of the box H Carvey (Dec 07)