.

Trust relationships

<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 570

Joined: Sat Apr 17, 2010 12:12 pm

Post Fri Jul 15, 2011 8:47 am

Trust relationships

Hi all,

I am taking the SANS GCIH class, and we are talking about IP Spoofing and trust relationships. Is there a way to determine these relationships remotely? How does an attacker determine whether a system has these relationships? Please explain for both UNIX and Windows. The section seems to be focusing on NIX's but I assume trust relationships exist on windows, but if I remember correctly, these are mostly domain related in windows.
sectestanalysis.blogspot.com/‎
<<

hell_razor

User avatar

Jr. Member
Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Fri Jul 15, 2011 9:22 am

Re: Trust relationships

With enough information, you can infer trust relationships by studying host names, ports, and infrastructure.  You can more accurately determine this by gaining access to the data stream and sniffing it or by pilfering config files and netstat type info from the compromised host.  Look for SSH, r-commands (rsync is common), NFS, stuff like that.  Any protocols that can authenticate in a non-interactive mode should be considered.
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software