Security Basics mailing list archives
Re: Threat vector of running a service using a domain account
From: "Ali, Saqib" <docbook.xml () gmail com>
Date: Fri, 14 Sep 2007 07:31:59 -0700
If you had the machine offline and patched it into a hub with another box running Wireshark or Ettercap (or other) and restarted the service, I wonder if you could crack the captured hash? You'd at least have a DA account's hash for replay.
I don't think password hashes are floating around on the network in a kerberos enabled Active Directory. Kerberos tickets are issued to the servers.
Current thread:
- Re: Threat vector of running a service using a domain account, (continued)
- Re: Threat vector of running a service using a domain account jfvanmeter (Sep 12)
- Re: Re: Threat vector of running a service using a domain account levinson_k (Sep 12)
- Re: Threat vector of running a service using a domain account Jay (Sep 13)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 13)
- RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
- RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)
- RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
- RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 18)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 13)
- RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 14)
- RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)