Penetration Testing mailing list archives

RE: RE: AD password Auditing

From: "Rochford, Paul" <paul.rochford () hp com>
Date: Fri, 12 Aug 2005 10:24:34 +0100

I believe Dave Kleimans post mentioned this. Are you talking about the
local account that was used to create the AD? This would be available
fro the local SAM.


Kind Regards,
Paul Rochford 


-----Original Message-----
From: Beauford, Jason [mailto:jbeauford () EightInOnePet com] 
Sent: Thursday, August 11, 2005 3:09 PM
To: gcehrh () securityfocus com; pen-test () securityfocus com
Subject: RE: RE: AD password Auditing

I'm surprised this thread got so far without a single person realizing
this fact.

Actually, there is the "hidden" Sam DB for AD Restore (You set this
password when you run DCPROMO), but as far as Local User Accounts go,
the comment below is absolutely correct. 

-JMB

-----Original Message-----
From: gcehrh () securityfocus com [mailto:gcehrh () securityfocus com]
Sent: Thursday, August 11, 2005 8:49 AM
To: pen-test () securityfocus com
Subject: Re: RE: AD password Auditing

If you're running Active Directory a Domain Controller doesn't have any
local accounts.

------------------------------------------------------------------------
------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You
Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
------------------------------------------------------------------------
-------



------------------------------------------------------------------------
------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You
Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
------------------------------------------------------------------------
-------


------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

Current thread:

RE: AD password Auditing, (continued)
- - RE: AD password Auditing dave kleiman (Aug 08)
  - Re: AD password Auditing Joey Peloquin (Aug 08)
- RE: AD password Auditing Cedric.Baechler (Aug 08)
- Re: RE: AD password Auditing gcehrh (Aug 08)
- RE: AD password Auditing Lohan Spies (Aug 08)
- Re: RE: AD password Auditing gcehrh (Aug 11)
- Re: AD password Auditing yfs us (Aug 11)
- RE: RE: AD password Auditing Beauford, Jason (Aug 11)
- RE: AD password Auditing Distler, Dennis (Aug 12)
- Re: Re: AD password Auditing gcehrh (Aug 12)
- RE: RE: AD password Auditing Rochford, Paul (Aug 12)
- Re: Re: AD password Auditing yfs us (Aug 16)
  - Re: Re: AD password Auditing David Cravshaw (Aug 16)