Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DOMAIN CONTROLLER STOLEN...WHAT NEXT?

From: Sean Earp <smearp () mac com>
Date: Thu, 07 Jul 2005 13:42:50 -0700
Jumping on this thread a little late, but Microsoft provides some guidance on this issue here:

http://www.microsoft.com/downloads/details.aspx?familyid=C0DBEB7E-D476-4498-9F6C-24974FB81F1E&displaylang=en

Amongst the issues covered are:

Chapter 3: Recovering from Active Directory Attacks 
Recovering from the Physical Breach of a Domain Controller 
Recovering from a Rogue Administrator Attack 
Recovering from Catastrophic Forest-wide Corruption 
Recovering from Data Tampering by Restoring Active Directory Data 
Recovering from a Rogue Object Flood Attack 
Recovering from an Object Growth Attack 
Recommendations: Recovering from Active Directory Attacks 

Hope this helps!

-Sean

On Wednesday, June 29, 2005, at 09:03AM, BoB Taylor <bob8600bob () hotmail com> wrote:


Recently we had a domain controller stolen from a field office.  We have 
taken some steps to reduce our risk.  I have researched some books and some 
of the security site for a checklist or a set of recommended minimum steps 
that should be taken to ensure we are not at risk.  Can anyone point me in 
the right direction or make some recommendations?

Thanks, Bob
Previous By Date Next
Previous By Thread Next

Current thread: