Hi Chris! If I understad your concerns right (don't know exactly, my english is not to good), then your problem is not really a pen-test problem, but a linux/windows problem. If you want to have access to the login-ID's of your Windows-Servers, then you have with Win2k a very good chance to solve this problem relativly easy. You just have to set up an LDAP (e.g. OpenLDAP)-Server, which acts as a proxy between your Linux-Workstations and the "Directory-Service" of your Windows-Servers. With this solution, it is also possible to do not just normal querys against the Win2k-LDAP-Server, but also the authentification of the UNIX-Clients via pam_ldap (but who really wants to do this!). Ulrich Keil Want to double your drive-space? Delete Windows! Chris Barber wrote: >Hi all; > >I have a client that uses primarily Linux workstations for the end users. >They use NT and Win2K servers for the storage of many networked applications >and data. One of the concerns they have is if users on the network would be >able enumerate the login IDs on the NT/Win2k servers from the Linux >workstations. I have not seen anything on the net lately that would do this >but I thought I would ask those who do this kind of thing all of the time. >I am not Pen-tester by trade but I do dabble from time to time (when I have >some, time that is). > >Can anyone lend a hand? > >Thnaks > >Chris ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 08:10:06 PDT