Security Basics mailing list archives
Re: Windows Server without AD?
From: lukasz () piatek pl
Date: 7 Dec 2009 00:02:22 -0000
Hi. Do not expect it will be easy to break Windows Server 2003 box because of lack of AD. Windows 2000 introduced Kerberos as a new authentication method since 1999. There are some slight differences between MIT and Microsoft Kerberos implementation (http://tools.ietf.org/html/rfc3244). There are many ways how to secure infrastructure based on Windows Server platform without AD implemented (which is usually implemented only when higher scalability is the primary concern). You may try to brute force built-in Administrator account but if I were the man who hardened this box (if such was performed) I would disable this account at all and enable detailed auditing for any fishy activity. You mentioned about Terminal Services being used on the box. You may use tsgrinder to try to brute force account of somebody and then try to elevate privileges. If this host is not firewalled (what is sometimes true) you may try this host to be nessused for any major security holes. Regards, Lukasz Piatek http://blog.lukaszpiatek.com http://lukasz.piatek.pl http://ntsecurity.pl ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Windows Server without AD? Scott Race (Dec 04)
- Re: Windows Server without AD? Ansgar Wiechers (Dec 10)
- <Possible follow-ups>
- Re: Windows Server without AD? lukasz (Dec 10)
- Re: Windows Server without AD? stcroix111 (Dec 10)