Bezpenost Windows pro pokroil pstup do st Ing
Bezpečnost Windows pro pokročilé: přístup do sítě Ing. Ondřej Ševeček | GOPAS a. s. | MCM: Directory | MVP: Enterprise Security | CEH: Certified Ethical Hacker | CHFI: Computer Hacking Forensic Investigator ondrej@sevecek. com | www. sevecek. com | GOPAS: info@gopas, cz | www. gopas. cz | www. facebook. com/P. S. GOPAS
Alternative credentials and network access Advanced Windows Security
Alternative identities § NET USE \gps-data. gopas. virtual • is different then \gps-data, you can use other credentials § NET USE \10. 0. 21 • is still different from the previous two, you can use yet another user account § RUNAS /user • must have local logon § RUNAS /netonly /user • supplies different network credentials for current user • does not need any local logon
LSASS caches alternate identities during logon session § NET USE \gps-data /user: GPShelena § NET USE \gps-data /user: GPSleos • error 1219 • Multiple connections to a server by the same user, using more than one user name, are not allowed § Must log-off or NET USE /DELETE
Default Local Users Group § By default local Users group contains • Authenticated Users § Default security • Everyone = Authenticated Users = Users § Do not use any of the groups for securing resources
Default Local Users Group
Děkuji za pozornost Ing. Ondřej Ševeček | GOPAS a. s. | MCM: Directory | MVP: Enterprise Security | CEH: Certified Ethical Hacker | CHFI: Computer Hacking Forensic Investigator ondrej@sevecek. com | www. sevecek. com | GOPAS: info@gopas, cz | www. gopas. cz | www. facebook. com/P. S. GOPAS
- Slides: 7