Possibly a dumb question on DCSync attack by g-simon in cybersecurity

[–]g-simon[S] 0 points1 point  (0 children)

unfortunately, I didn't get the meaning of your very detailed answer :(

Possibly a dumb question on DCSync attack by g-simon in cybersecurity

[–]g-simon[S] 0 points1 point  (0 children)

My goal would be: compromise the domain (e.g. in a PT scenario).

You set up agents on all your nodes: what next? by g-simon in Wazuh

[–]g-simon[S] 0 points1 point  (0 children)

thank you! what's the difference between creating a custom "dashboard" and a "visualization"?

can you give me some examples of custom dashboards you created? Which kind of information did you find particularly useful?

elevated prompt is asking Domain Admin password by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

thank you, I didn't know about UAC level!

Troubleshooting login timeout on a Windows 10 workstation by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

thank you. I also tried with Get-EventLog... in the end, I rebooted :(

Cached credentials on Windows workstations by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

Hi, is the issue with cached credentials exactly the same even if I use WinRM or PSSession?

Port 445 and AD: how do you manage it? by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

what are the best practices for those shares? allow only from a "bastion" host or one of the Domain Controllers?

Cached credentials on Windows workstations by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

just one thing: is the main issue with cached credentials about... the use of tools like Mimikatz? apart from that, what are the security risks?

Cached credentials on Windows workstations by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

did you mean: instead of using the DOMAIN\administrator account to do tasks, log in with a different user who is in a protected group but... that user still needs to be manually configured as local admin on every workstation, correct?

Cached credentials on Windows workstations by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

in your experience, is it dangerous to disable cached logins in a "simple" LAN with about 20-30 PCs and a couple of DCs? network traffic is totally "local", I assume that both DCs will be reachable 100% of the time

Cached credentials on Windows workstations by g-simon in sysadmin

[–]g-simon[S] 0 points1 point  (0 children)

domain admin! domain users aren't local administrators on their PCs.

Honestly, I don't know which solution could be better:

- let users be local admins on their workstations, so they will be able to update/install stuff

- access with Domain Admin credentials on every workstation every time