|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Pidgorny, Slav (pidgorns
anz.com)Date: Wed Jul 25 2001 - 19:10:57 CDT
No. LocalSystem account itself cannot be used for further penetration to the
domain - an intruder must either extract cached/stored credentials, or
collect user credentials some other way (by placing hostile code behind Web
pages).
Svyatoslav Pidgorny
> -----Original Message-----
> From: Ryan Counts [mailto:webmasterbadsushi.com]
> Sent: 26 July 2001 06:52
> To: 'Ryan Permeh'; 'Nichola Veitch'; Pidgorny, Slav;
> keydet89yahoo.com;
> lynch00msn.com; focus-mssecurityfocus.com
> Subject: RE: Hacked NT/2K box
>
>
> In Active Directory Users and Compuers, if you go into the computer
> account properties, there is an option to Trust for Delegation. From
> what I understand, this is designed for security permissions of DCOM
> apps and such, but would it effect the rights of the localsystem
> account, like to give it domain access rights?
>
> Thanks,
> Ryan Counts
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]