
Penetration Testing mailing list archives
Re: [PEN-TEST] RAS PT
From: Nasir Farhat Khan <nasir () instecdigital com>
Date: Thu, 5 Oct 2000 18:42:33 +0500
I suppose that you want to test an NT box running Remote Access Service. For penetration testing you can try RASMAN Security Descriptor Vulnerability. It is called the RASMAN bug and gives you complete control of the NT Box running RAS Manager service. We have tested this on a NT 4.0 box any unpriviledged NT user can gain administrative access remotely. More details can be found at: http://www.quimeras.com/secadv/rasman.htm Microsoft has issued a Security Bulletin (MS99-041) on RASMAN Security Descriptor Vulnerability. According to Microsoft SP6 machines are also vulnerable. http://www.microsoft.com/technet/security/bulletin/ms99-041.asp Bugtraq Vulnerability Database: http://www.securityfocus.com/vdb/?id=645 Nasir Farhat Khan Instec Digital Systems - Pakistan nasir () instecdigital com ----- Original Message ----- From: "Batten, Gerald" <GBatten () EXOCOM COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Wednesday, October 04, 2000 11:14 PM Subject: [PEN-TEST] RAS PT
I unfortunately have very little experience in doing any sort of PT on a
RAS
box... let's assume it's an NT box. Other than enforcing strong passwords or maybe strong authentication via certificates or SecurID-type cards,
what
else can I do to A) protect it, and B) run some sort of PT against it? Gerald. *Note: Views expressed in this e-mail are not necessarily those of my employer. **Note: Views expressed in this e-mail are not necessarily mine either.
Current thread:
- [PEN-TEST] RAS PT Batten, Gerald (Oct 04)
- Re: [PEN-TEST] RAS PT Nasir Farhat Khan (Oct 05)
- <Possible follow-ups>
- Re: [PEN-TEST] RAS PT Schwienteck, Matthew (Oct 05)
- Re: [PEN-TEST] RAS PT Thompson, Stephen (Oct 05)
- Re: [PEN-TEST] RAS PT Frank Knobbe (Oct 06)
- Re: [PEN-TEST] RAS PT H Carvey (Oct 06)
- Re: [PEN-TEST] RAS PT Batten, Gerald (Oct 09)
- Re: [PEN-TEST] RAS PT Peter Van Epp (Oct 10)