Security Basics mailing list archives
RE: Threat vector of running a service using a domain account
From: "Ramsdell, Scott" <Scott.Ramsdell () cellnet com>
Date: Fri, 14 Sep 2007 09:01:05 -0400
Saqib, I believe you're right. Each time I've run cachedump for demonstration I do not receive hashes for services logging in over the network, I only receive hashes for interactive users. Kind Regards, Scott Ramsdell -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ali, Saqib Sent: Thursday, September 13, 2007 12:42 PM To: Jay Cc: smanaois3 () gmail com; security-basics () securityfocus com Subject: Re: Threat vector of running a service using a domain account
If a server does cache these creditonals then these can be attacked
independant of the AD and its underlying security controls. If a service uses domain credential, do those credentials get cached? I thought only interactive logon credentials are cached. saqib http://security-basics.blogspot.com/
Current thread:
- Re: Threat vector of running a service using a domain account, (continued)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 12)
- Re: Threat vector of running a service using a domain account gjgowey (Sep 13)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 12)
- Re: Threat vector of running a service using a domain account James Fryman (Sep 13)
- Re: Threat vector of running a service using a domain account jfvanmeter (Sep 12)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 12)
- Re: RE: Threat vector of running a service using a domain account levinson_k (Sep 12)
- Re: Threat vector of running a service using a domain account jfvanmeter (Sep 12)
- Re: Re: Threat vector of running a service using a domain account levinson_k (Sep 12)
- Re: Threat vector of running a service using a domain account Jay (Sep 13)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 13)
- RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
- RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)
- RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
- RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 18)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 13)
- RE: Threat vector of running a service using a domain account Ramsdell, Scott (Sep 14)
- Re: Threat vector of running a service using a domain account Ali, Saqib (Sep 14)
- RE: Threat vector of running a service using a domain account Roger A. Grimes (Sep 14)