Vulnerability Development mailing list archives

Re: Win2k Server + remote user enumeration

From: ollie () DELPHISPLC COM (Ollie Whitehouse)
Date: Wed, 10 May 2000 08:17:34 +0100


Joerg,

Well AD has an LDAP interface poke around have a look...

Rgds

Ollie
------
Ollie Whitehouse
Security Team
Delphis Consulting Plc
+44 (0)20 79160200

-----Original Message-----
From: Joerg Weber [mailto:joerg () FS IS UNI-SB DE]
Sent: Tuesday, May 09, 2000 4:36 PM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Win2k Server + remote user enumeration

Hi everyone,

 I was playing with a new Win2K server today (vanilla install) and poked
it with tools like gnit or cis to perform remote user enumeration. Works
fine on default workstations, but not on servers.
 Did MS wise up and change the default permissions in this regard? If so,
is it still possible to fetch that info via Active Directory maybe?

 Cheers,
        Joerg

Current thread:

Win2k Server + remote user enumeration Joerg Weber (May 09)
- Re: Win2k Server + remote user enumeration bacano (May 10)
- <Possible follow-ups>
- Re: Win2k Server + remote user enumeration Ollie Whitehouse (May 10)