At the NSAA IT Conference and Workshop, put on by NASACT, I presented on Auditing Windows Account Management. I’m posting the slides to my presentation as reference. I would love any feedback from anybody who attended the presentation. The tool PWDumpX was demonstrated during the presentation. A document on how to use the tool to obtain Windows Domain account password hashes has been posted.
Oct 142008
Sep 192008
A TFTP Server for in Information Systems Auditor is an important tool. It has come in handy in a couple situations during an audit. The two that come to mind are retrieving Cisco configuration files and uploading Netcat during a SQL audit or SQL Injection test. This is a quick post on how I like to setup my tftp server on Linux and Windows.
My Linux distro of choice is Ubuntu.
$sudo -s
#apt-get install atftpd
#mkdir /tftproot
#chmod 777 /tftproot
#atftpd –daemon /tftproot
That will get you started on Linux. For Windows I like the free tftp server you get from www.solarwinds.com. Download and install. Create the directory C:\TFTP-Root.