Security Basics mailing list archives

Re: Threat vector of running a service using a domain account

From: "Ali, Saqib" <docbook.xml () gmail com>
Date: Thu, 13 Sep 2007 10:41:54 -0700

If a server does cache these creditonals then these can be attacked independant of the AD and its underlying security 
controls.



If a service uses domain credential, do those credentials get cached?
I thought only interactive logon credentials are cached.

saqib
http://security-basics.blogspot.com/

Current thread:

RE: Threat vector of running a service using a domain account, (continued)
- RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 12)
  - Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 12)
    - Re: Threat vector of running a service using a domain account gjgowey (Sep 13)
- Re: Threat vector of running a service using a domain account James Fryman (Sep 13)
- Re: Threat vector of running a service using a domain account jfvanmeter (Sep 12)
  - Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 12)
- Re: RE: Threat vector of running a service using a domain account levinson_k (Sep 12)
- Re: Threat vector of running a service using a domain account jfvanmeter (Sep 12)
- Re: Re: Threat vector of running a service using a domain account levinson_k (Sep 12)
- Re: Threat vector of running a service using a domain account Jay (Sep 13)
  - Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 13)
    - RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
    - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)
    - RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
    - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 18)
- RE: Threat vector of running a service using a domain account Jay (Sep 14)
  - RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
    - Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 14)
    - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)
  - RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)