Posts tagged: lsass

Dec 10 2012

Pentesting an Active Directory infrastructure

In this post we walk through some steps of a pentest against an ADDS domain. The pentest focuses only on the Microsoft system and does not take into account antivirus, firewall, IDS and IPS protections. The parts we describe in detail are scanning, exploitation and maintaining access. The pentest is performed with BackTrack 5 R3; you can download it here. The tools we use are Nmap, Nessus, Metasploit (the hacker’s framework, exploits are written in Ruby), John the Ripper and PowerShell. The pentest’s goal is to retrieve domain administrator credentials and maintain access to the ADDS domain discreetly.

Mar 20 2010

Identify applications that cause your Domain Controller to decrease in performance

In this post we describe how to identify an application that causes CPU time overconsumption on your Domain Controllers. We will use two tools for this: Server Performance Advisor and Wireshark. The first is used if you have a Windows 2003 DC; if the OS is Windows 2008, the tool is already included and you access it with the MMC snap-in perfmon.msc, where its new name is Windows Reliability and Performance Monitor. Both versions have performance counters dedicated to Active Directory. In this post we will use SPA, because the DC having trouble is running Windows 2003. If you want more details on using Windows RPM for AD, you can read this article.

Mar 07 2010

Conficker causes lsass process overconsumption

If the lsass process consumes too much CPU time on your domain controller, the cause might be clients infected by Conficker. The linked KB article discusses how to prevent its propagation and how to remove the worm. The purpose of this post is to easily identify the infected clients that cause this lsass.exe overconsumption.

This topic was already discussed in an AskDS post; I’ll add a few comments and scripts which will help you eradicate the virus on your workstations.
