Chris Barber wrote: > > Hi all; > > I have a client that uses primarily Linux workstations for the end users. > They use NT and Win2K servers for the storage of many networked applications > and data. One of the concerns they have is if users on the network would be > able enumerate the login IDs on the NT/Win2k servers from the Linux > workstations. I have not seen anything on the net lately that would do this > but I thought I would ask those who do this kind of thing all of the time. > I am not Pen-tester by trade but I do dabble from time to time (when I have > some, time that is). > > Can anyone lend a hand? This is easiest to do from another WinXX machine since all of the libs are "just there." One really cool set of tools, UserInfo and UserDump, are at, http://www.hammerofgod.com/download.htm These work even if the null user has been restricted. The author, Thor, had some really fun talks at DEFCON. A UNIX-based tool I've used is 'nat' (a.k.a. 'nbaudit') from, ftp://ftp.secnet.com/pub/tools/nat10/ But I don't think it works against systems where the null user has been restricted. However, it is simply busy-work to reverse-engineer the WinXX-based tools to run on a UNIX-like system like Linux. I am not sure if this has been done. -- Crist J. Clark Network Security Engineer crist.clarkat_private Globalstar, L.P. (408) 933-4387 FAX: (408) 933-4926 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact postmasterat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 08:08:04 PDT