Re: physical security

From: Al Mulnick (amulnick_No_SPAM_at_ncDOTrr.com)
Date: 10/23/04

  • Next message: Al Mulnick: "Re: Installing W2k3 on HP GS140 Server with 6 Alpha Porcessors and 15 gB of ram"
    Date: Sat, 23 Oct 2004 16:26:50 -0400
    
    

    Yes, it's just easier to take over a DC and then elevate from there if you
    have physical access. But Ulf brings up a good point: don't just
    concentrate on the DC and the strong suggestion to physically protect just
    it. Remember your laptops, PDAs, desktops, etc. when it comes to physical
    security.
    To not do that would be the equivalent of closing the windows but leaving
    the door open :)

    I think the stuff from Peter Nordahl is the reference to the tool
    information and such that you are after.

    -ajm

    "Ulf B. Simon-Weidner [MVP]" <nospam2-ulf@usw-consulting.com> wrote in
    message news:e9rmOxTuEHA.3448@TK2MSFTNGP09.phx.gbl...
    > "Z" <z@hotmail.com> wrote in message
    > news:eWKHxGTuEHA.3016@TK2MSFTNGP12.phx.gbl:
    >> Hi All,
    >>
    >> Earlier I heard that an offline Active Directory database attack is
    >> possible and that some tool is available for this attack.
    >> I would like to read more about this attack surface. Can someone point me
    >> in the right direction?
    >> I think it is a real threat in a branch-office environment, where the
    >> physical security is insufficient.
    >>
    >
    > Hello Z.,
    >
    > You'd be able to hack any machine if you have offline access to it.
    > Only using Hardware HDD Encryption Technologies makes it much harder.
    >
    > Any client you have will expose all its locally used accounts if a
    > hacker gets it (e.g. Service Accounts for Software Distribution which
    > runs under Domain Administrator rights,...), and a DC holds all
    > accounts of a company so it exposes all if it's hacked.
    >
    > You do not even need to get into the database; you'd be able to hack a
    > DC to which you have physical access and run a brute force attack against
    > all accounts.
    >
    > --
    > Gruesse - Sincerely,
    >
    > Ulf B. Simon-Weidner
    >
    > MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
    > Weblog: http://msmvps.org/UlfBSimonWeidner
    > WebSite: http://www.windowsserverfaq.org

