-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 10:30 PM 3/10/2002, Jacek Lipkowski wrote: >*if* you have the account :) if you work at a university or any other >network without a strict security policy. When doing research for a RestrictAnonymous article for Security Focus, I wrote a series of little apps to enumerate net info with the NULL user. One of them was TransEnum, which enumerates all the transport devices bound to a server/workstation. Basically, it just calls NetServerTransportEnum and returns a level 0 structure that contains the transport name of any transport devices on a box. With NT4, the device name nomenclature included a portion of the adapter type/model, which made it easy to see where modems were set up as RAS devices. With Win2k, it looks like the adapter type/model has been replaced with a CSID or something. With NT4 boxes, the tool was great as it could run against a machine as NULL even when RestrictAnonymous was set to 1... The same holds true for Win2k, but you (or someone) will have to figure out the CSID to extract any more information beyond the protocol in use by the device. I post this here for 2 reasons: 1, you might have NT boxes and you were concerned about authentication, and 2, Someone might have their hands on a CSID reference (if that is what it is) that could shed some light on the return value of NetServerTransportEnum on Win2k boxes. Cheers. AD -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 iQA/AwUBPIzMy4hsmyD15h5gEQIH1ACeN3QWXSfFQ+WeiaUNUQlrDfhTUlYAn0h1 bPK4x4vRYAK3phUlsGiHUhSP =Rmva -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Mar 11 2002 - 14:25:36 PST