Penetration Testing mailing list archives
Re: [PEN-TEST] RAS PT
From: Frank Knobbe <FKnobbe () KNOBBEITS COM>
Date: Fri, 6 Oct 2000 12:52:31 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 When you test RAS, or if you want to verify and audit your RAS security, make sure you turn on logging on several RAS instances. Walk through the Registry keys for RAS and you find several 'Logging' parameters (by default set to 0, disabled). Out of the top of my head I only remember RASMan/Parameters and RASMan/PPP, but there are other keys that allow you to turn on logging as well (for more info, check the file REGENTRY.HLP that comes with the Resource Kit). These log files (especially the PPP logs) list every successful and unsuccessful PPP authentication attempts (amongst general PPP stuff, like session setup). By default these logs are written to %systemroot%\system32\ras, but I seem to remember an entry to change the directory. You'll be surprised how much logging info you can get out of NT's RAS... Regards, Frank
-----Original Message----- From: Batten, Gerald [mailto:GBatten () EXOCOM COM] Sent: Wednesday, October 04, 2000 1:14 PM I unfortunately have very little experience in doing any sort of PT on a RAS box... let's assume it's an NT box. Other than enforcing strong passwords or maybe strong authentication via certificates or SecurID-type cards, what else can I do to A) protect it, and B) run some sort of PT against it? Gerald. *Note: Views expressed in this e-mail are not necessarily those of my employer. **Note: Views expressed in this e-mail are not necessarily mine either.
-----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.1 Comment: PGP or S/MIME encrypted email preferred. iQA/AwUBOd4RX0RKym0LjhFcEQL2nQCdGY64xZcgXagTrfzjhL58L+qCJuoAnRCJ jCz6yuAJ4xCS4eqtgEqQCEDu =jsF/ -----END PGP SIGNATURE-----
Current thread:
- [PEN-TEST] RAS PT Batten, Gerald (Oct 04)
- Re: [PEN-TEST] RAS PT Nasir Farhat Khan (Oct 05)
- <Possible follow-ups>
- Re: [PEN-TEST] RAS PT Schwienteck, Matthew (Oct 05)
- Re: [PEN-TEST] RAS PT Thompson, Stephen (Oct 05)
- Re: [PEN-TEST] RAS PT Frank Knobbe (Oct 06)
- Re: [PEN-TEST] RAS PT H Carvey (Oct 06)
- Re: [PEN-TEST] RAS PT Batten, Gerald (Oct 09)
- Re: [PEN-TEST] RAS PT Peter Van Epp (Oct 10)