mailing list archives
Re: hacking win2kPro out of the box
From: H Carvey <keydet89 () yahoo com>
Date: 6 Dec 2004 11:38:54 -0000
In-Reply-To: <285472c90412030724661edaf9 () mail gmail com>
Does anyone have any information on common attacks for local
priviledge escalation, and ways to secure against these?
Google is your friend:
Also, Google for "ntpasswd".
The sort of thing I'm looking for is a detail of an attack, followed
by the procedure(s) I would use to:
a) recover from it if neccessary
b) thwart future attacks of it's type.
The answer for "b" is easy...secure local access, in particular, physical access to the system.
I basically want to swap roles between hacker and sysadmin so I can
learn more about the best of both worlds.
Again, start w/ Google.
"Windows Forensics and Incident Recovery"