PaulDotCom mailing list archives
detecting PDCs
From: Russell.Butturini at Healthways.com (Butturini, Russell)
Date: Fri, 26 Mar 2010 07:49:26 -0500
I don't want to get too far down this tangent since it's off the original question. What you said is true, but again you're depending on a specific configuration and the complexity of the environment. It's possible to miss cross-domain trusts, child domains, etc. if you limit your thinking like this. I just don't think you want to pidgeonhole yourself into a mindset or solution where you can't see the Active Directory forest for the trees :-). -----Original Message----- From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of genesiswave at gmail.com Sent: Friday, March 26, 2010 7:02 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] detecting PDCs If you are on the network there is a good chance that the DHCP is configured to assign a default domain and alternate search domains Winipcfg /all on windows - look for connection-specific DNS Suffix Review the /etc/resolv.conf for a search entry and IP addresses for DNS servers Sent via BlackBerry from T-Mobile -----Original Message----- From: "Butturini, Russell" <Russell.Butturini at Healthways.com> Date: Thu, 25 Mar 2010 20:12:33 To: 'pauldotcom at mail.pauldotcom.com'<pauldotcom at mail.pauldotcom.com> Subject: Re: [Pauldotcom] detecting PDCs That's true but you still have to know the internal domain name :-) ----- Original Message ----- From: pauldotcom-bounces at mail.pauldotcom.com <pauldotcom-bounces at mail.pauldotcom.com> To: PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.com> Cc: pauldotcom at mail.pauldotcom.com <pauldotcom at mail.pauldotcom.com> Sent: Thu Mar 25 20:10:23 2010 Subject: Re: [Pauldotcom] detecting PDCs Well for DNS you do not have to be Sent from my Mobile Phone On Mar 25, 2010, at 8:12 PM, "Butturini, Russell" <Russell.Butturini at Healthways.com
wrote:
These solutuons are useful, but you're assuming a machine joined to the domain, running in the context of an authenticated user session, with knowledge of the internal domain name. ----- Original Message ----- From: pauldotcom-bounces at mail.pauldotcom.com <pauldotcom-bounces at mail.pauldotcom.comTo: PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.comSent: Thu Mar 25 16:36:13 2010 Subject: Re: [Pauldotcom] detecting PDCs Indeed. Similar to ethe cho %logonserver% method is: Systeminfo | findstr /I /C:"logon server" But a nice way is to get it from dns: Nslookup -type=srv _ldap._tcp.pdc._msdcs.<domainname> Will give you the same answer as logonserver, to see all DC's change pdc to just dc. I got 8 DCs doing this at work all of which I know are dcs -Josh On Mar 25, 2010, at 5:07 PM, k41zen <k41zen at live.co.uk> wrote:depends on how auth'd you are to the domain I guess, but dsquery is very useful too http://www.computerperformance.co.uk/Logon/DSquery.htm http://tactech.net/2009/09/28/how-to-search-for-a-domain-controller/ http://technet.microsoft.com/en-us/library/cc732885%28WS.10%29.aspx On 25 Mar 2010, at 10:54, Robin Wood wrote:Hi I'm wondering what techniques people are using to detect domain controllers when they get on networks. I've asked a few people and the standard answer seems to be to look for the DNS server as the PDC is usually also acting as the DNS server. Has anyone else got any better or alternative techniques they use? Robin _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com *** *** *** ********************************************************************* This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. *** *** *** ********************************************************************* _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ******************************************************************************
Current thread:
- detecting PDCs, (continued)
- detecting PDCs Butturini, Russell (Mar 25)
- detecting PDCs Brett (Mar 25)
- detecting PDCs Joshua Smith (Mar 25)
- detecting PDCs Carlos Perez (Mar 25)
- detecting PDCs k41zen (Mar 25)
- detecting PDCs Joshua Smith (Mar 25)
- detecting PDCs Butturini, Russell (Mar 25)
- detecting PDCs Carlos Perez (Mar 25)
- detecting PDCs Butturini, Russell (Mar 25)
- detecting PDCs genesiswave at gmail.com (Mar 26)
- detecting PDCs Butturini, Russell (Mar 26)
- detecting PDCs Carlos Perez (Mar 26)
- detecting PDCs Robin Wood (Mar 26)
- detecting PDCs Butturini, Russell (Mar 26)
- detecting PDCs Joshua Smith (Mar 25)
- detecting PDCs Carlos Perez (Mar 26)
- detecting PDCs Joshua Smith (Mar 26)
- detecting PDCs Ian Bowman (Mar 25)
- detecting PDCs Carlos Perez (Mar 26)
- detecting PDCs Carlos Perez (Mar 25)
- detecting PDCs Sherwyn (Mar 25)
- detecting PDCs Carlos Perez (Mar 25)