How To Remove LLMNR and NBT-NS From Your Active Directory Environment

Рет қаралды 4,458

Күн бұрын

Пікірлер: 17

@Northcliffevassenger 5 ай бұрын

Thanks for demostrating the power of linux/ Active Directory vulnerabilities are one of the most common pitfalls in the actual networking envrionment.

@notta3d 2 ай бұрын

Great video. The million dollar question, by making these changes what possibly could break? It's fine in a lab but in production this question has to be asked. I know it has to be done, but management will want to know what impact this change could have on the environment? Will production systems, old and new, stop communicating? Thanks for the video.

@lfernandorg 2 жыл бұрын

thanks for demonstrating using kali, that type of demonstrations gave me mo peace of mind, now I know that everything I have done worked properly

@InfiniteLogins 2 жыл бұрын

I'm glad this helped!

@AlexAlex-ei7zf 2 ай бұрын

Шалом, братан! Спасибо. Забыл за эту штуку. На Твое видео случайно наткнулся. Привет Тебе из Харькова

@tshepisomotsoaledi6324 3 жыл бұрын

Great tutorial, this is still an ongoing problem for organizations with legacy systems where they simply cannot afford to disable LLMNR and NBT-NS. Guess one of the mitigations action is to enforce a strong password policy standard say minimum of 16 characters to deter offline cracking.

@InfiniteLogins 3 жыл бұрын

Great point! I'd argue that the long-term plan is to get those legacy devices upgraded, and the short-term plan is to make sure they're isolated on their own networks without users logging into them. A strong password policy will help with the cracking aspect, but it doesn't prevent NTLMv2 Relay attacks unless SMB Signing is also enforced across the organization.

@tshepisomotsoaledi6324 3 жыл бұрын

@@InfiniteLogins I agree with with you most definitely, I forgot to mention SMB Signing as another mitigation earlier. Oh by the way I enjoy your tutorials, keep up the good work and thank you.

@AliHussain-iz9wx Жыл бұрын

From the demo im guessing not but Is there a need to disable mDNS aswell?

@waynewoolsey6422 3 жыл бұрын

great video man

@Servietsky_ 5 ай бұрын

U the goat, one more sub

@pacman804 3 жыл бұрын

awesome 💯

@cimihan4816 3 жыл бұрын

Hy,I have my windows server in hyper-V. Right now I am practicing attack and defense in AD.I wanted to attack my lab misconfigurations from my system windows. How should I configure my server so that I should not have to installed another OS on hyper-V just for attacking(coz I don't have a powerful comp).

@InfiniteLogins 3 жыл бұрын

I'm sorry, I'm not sure I understand your question.

@cimihan4816 3 жыл бұрын

@@InfiniteLogins Glad you replied.It's just that can I attack my windows server which is installed in hyper-v from my system os ? Like how do I do kerbroasting from my system windows to the server which is on hyper-v?