-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 10:30 PM 3/10/2002, Jacek Lipkowski wrote:
>*if* you have the account :) if you work at a university or any other
>network without a strict security policy.
When doing research for a RestrictAnonymous article for Security Focus, I
wrote a series of little apps to enumerate net info with the NULL
user. One of them was TransEnum, which enumerates all the transport
devices bound to a server/workstation. Basically, it just calls
NetServerTransportEnum and returns a level 0 structure that contains the
transport name of any transport devices on a box.
With NT4, the device name nomenclature included a portion of the adapter
type/model, which made it easy to see where modems were set up as RAS
devices. With Win2k, it looks like the adapter type/model has been
replaced with a CSID or something.
With NT4 boxes, the tool was great as it could run against a machine as
NULL even when RestrictAnonymous was set to 1... The same holds true for
Win2k, but you (or someone) will have to figure out the CSID to extract any
more information beyond the protocol in use by the device.
I post this here for 2 reasons: 1, you might have NT boxes and you were
concerned about authentication, and 2, Someone might have their hands on a
CSID reference (if that is what it is) that could shed some light on the
return value of NetServerTransportEnum on Win2k boxes.
Cheers.
AD
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBPIzMy4hsmyD15h5gEQIH1ACeN3QWXSfFQ+WeiaUNUQlrDfhTUlYAn0h1
bPK4x4vRYAK3phUlsGiHUhSP
=Rmva
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Mar 11 2002
Intro
