Home page logo
/

basics logo Security Basics mailing list archives

Re: hacking win2kPro out of the box
From: H Carvey <keydet89 () yahoo com>
Date: 6 Dec 2004 11:38:54 -0000

In-Reply-To: <285472c90412030724661edaf9 () mail gmail com>


Does anyone have any information on common attacks for local
priviledge escalation, and ways to secure against these?

Google is your friend:
http://www.google.com/search?hl=en&q=%22Windows+2000%22+OR+%22Win2K%22+AND+%22privilege+escalation%22

Also, Google for "ntpasswd".  

The sort of thing I'm looking for is a detail of an attack, followed
by the procedure(s) I would use to:

a) recover from it if neccessary
b) thwart future attacks of it's type.

The answer for "b" is easy...secure local access, in particular, physical access to the system.

I basically want to swap roles between hacker and sysadmin so I can
learn more about the best of both worlds.

Again, start w/ Google. 

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]