Security Basics mailing list archives

Re: Threat vector of running a service using a domain account

From: "Ali, Saqib" <docbook.xml () gmail com>
Date: Fri, 14 Sep 2007 07:31:59 -0700

If you had the machine offline and patched it into a hub with another
box running Wireshark or Ettercap (or other) and restarted the service,
I wonder if you could crack the captured hash?  You'd at least have a DA
account's hash for replay.


I don't think password hashes are floating around on the network in a
kerberos enabled Active Directory. Kerberos tickets are issued to the
servers.

Current thread:

Re: Threat vector of running a service using a domain account, (continued)
- Re: Threat vector of running a service using a domain account jfvanmeter (Sep 12)
- Re: Re: Threat vector of running a service using a domain account levinson_k (Sep 12)
- Re: Threat vector of running a service using a domain account Jay (Sep 13)
  - Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 13)
    - RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
    - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)
    - RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
    - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 18)
- RE: Threat vector of running a service using a domain account Jay (Sep 14)
  - RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
    - Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 14)
    - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)
  - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)