Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: HASHES being sent through my network

from [Saqib Ali] Network Security [Permanent Link]
Subject: Re: HASHES being sent through my network
Date: Sat, 25 Nov 2006 10:28:18 -0500 
My first question to you is: Is this a Kerberized Active Directory
environment where all the machines are part of the domain OR just a
standalone Win 2K server???

If it is just a standalone Win2K server, then YES, the password hashes
will float around on the network. That is because it is a not a
Kerberos environment.

IF it was a kerberos env (i.e. Active Directory with domains etc) then
only the kerberos service tickets would float around and not password
hashes or usernames.

saqib
http://www.full-disk-encryption.net


On 23 Nov 2006 22:34:34 -0000, lnrcmbymrhdcr@mailinator.com
<lnrcmbymrhdcr@mailinator.com> wrote:

Hello,
Not sure if appropriate list, but I was testing the flow through my network and 
noticed that everytime I authenticate against a Windows 2000 Server, ettercap 
captures the following:


USER: xxxx.xxxxx  HASH: xxxx.xxxxx:"":"":B5868F57a
x3F34FC7C00000000000000000000000000000000:A109BED82C8BF6BE8A0E5EDFC42964CFE274Fa
x278CF27281E:116FB24C76E30E4A DOMAIN: ZZZZZZZ

Does this mean that the password is also floating about and can be accessed and 
read remotely?

What HASH is this as it does not look like 32 bit version?

Cheers



--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: How safe is a VPN connexion from within an internal network?, Jeffrey F. Bloss
Next by Date:  RE: advice for ccna certification, Colombo Simone
Previous by Thread:  HASHES being sent through my network, lnrcmbymrhdcr
Next by Thread:  Re: HASHES being sent through my network, warl0ck
Indexes:  [Date] [Thread] [Top] [All Lists]