![]() This post is meant to describe some of the more popular ones in current use. There are many ways an attacker can gain Domain Admin rights in Active Directory. Refuse LM & NTLM, SYSVOL, User Rights Assignments, WDigest Authentication, Windows Server 2012 R2, Windows Server 2016 ![]() 31B2F340-016D-11D2-945F-00C04FB984F9, 6AC1786C-016F-11D2-945F-00C04FB984F9, Active Directory Best Practices analyzer, Active Directory Security, Active Directory security best practices, Audit: Force audit policy subcategory settings, Configuring Domain Controller Auditing, Default Domain Controllers Policy, Default Domain Policy GPO, Domain Controller security, domain password policy, Enable LSA Protection, Enable NTLM Auditing, Event Logs, Fine-Grained Password Policy, GPMC, Group Policy Management Console, HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest\UseLogonCredential, KB2871997, Key Domain Controller Security Items, LAN Manager authentication level, LSA Protection, Lsass.exe audit mode, Microsoft domain controller auditing, Microsoft SCM Domain Controller Security Compliance Policy, Microsoft SCM Domain Security Compliance Policy, Microsoft Security Compliance Manager, Minimum password age, Patching Domain Controllers, Protecting Domain Controllers, Recommended Group Policy Settings, Require 128-bit encryption, Require NTLMv2 session security, Require strong (Windows 2000 or later) session key, SCM, secure Active Directory, Securing Active Directory, Security Compliance, Send NTLMv2 response only. ![]() This post focuses on Domain Controller security with some cross-over into Active Directory security. ![]() At BlackHat USA this past Summer, I spoke about AD for the security professional and provided tips on how to best secure Active Directory. Active Directory security effectively begins with ensuring Domain Controllers (DCs) are configured securely. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |