Windows: user and group enumeration

• Enumerating Users via NetBIOS: usernames and (common) passwords. Enum: use and output. DumpSec: output.

  • Countermeasures: as before (close ports, no NetBIOS over TCP/IP)

• Enumerating Users using SNMP: SolarWinds IP Network Browser. See also snmputil and read more in the book.

• Windows Active Directory enumeration using ldp: Win 2k on added LDAP through the active directory -- you login once (the good) and have access to all resources (the security problem).

  • Threat and countermeasures in the book (better dealt with in Operating Systems):
    • close ports 389 and 3268,
    • upgrade all systems to Win2k or above before migrating to Active Directory.

Previous slide

Back to first slide

View graphic version