NSA Guide – Reducing the Effectiveness of Pass-the-Hash

By Andrei Ungureanu - Last updated: Tuesday, July 1, 2014 - Save & Share - One Comment

Cotrobaind pe net dupa niste tool-uri am gasit un ghid pentru PtH mitigation chiar de la NSA:

http://www.nsa.gov/ia/_files/app/Reducing_the_Effectiveness_of_Pass-the-Hash.pdf

Si ce m-a suprins a fost ca e chiar de actualitate si contine chestii din sistemele de operare noi gen Windows 8.1 si 2012 R2 (Protected Users group, protected LSASS, blocking local accounts, rdp restrictedadmin).

Ghidul nu contine foarte multa informatie insa te indruma catre anumite tehnici/tehnologii/tool-uri si tutoriale.

Posted in Security • Tags: PtH • Top Of Page

One Response to “NSA Guide – Reducing the Effectiveness of Pass-the-Hash”

Comment from CatalinB
Time July 1, 2014 at 10:07 pm

Pe aceasi tema as vrea sa adaug si urmatorul ghid foarte interesant, oferit de echipa CERT-EU:
http://cert.europa.eu/static/WhitePapers/CERT-EU-SWP_14_07_PassTheGolden_Ticket_v1_1.pdf

PS: o sa gasiti un scenariu concret cand contul KRBTGT de care amintea Andrei intr-un post anterior, ar trebui resetat:
http://www.winadmin.ro/2014/06/12/whats-the-role-of-krbtgt-account-in-active-directory/

Recent Posts

Categories

Tags

De vizitat

Archives

Recent Comments

NSA Guide – Reducing the Effectiveness of Pass-the-Hash

One Response to “NSA Guide – Reducing the Effectiveness of Pass-the-Hash”

Write a comment