Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: Setting up promiscuous mode

  1. #11
    Junior Member
    Join Date
    Dec 2005
    Posts
    5
    The sad thing about all of this is, I noticed the activity after I had reimaged a lab so anything that my "arch-enemy" was doing was wiped out. Of course, without the image I might not have noticed in the first place...double edged sword. It has taught me that I need to be WAY more vigilant though. One other question I have though, if the domain admin account had a profile on a machine, can the password somehow be decrypted out if that profile? I thought I read something about that in the past few days while I have been trying to figure out, just how much I don't know...which apparently is quite a bit.

  2. #12
    It may be possible, with a cracking tool, to ferret out the domain admin passwords. My own policies cleared those from systems on logout, in my previous life. But, I also didn't use those for logins. Use a non-priviledged account for login, then runas for the heavy stuff.

    Tutorial: Setting Up Promiscuous Mode

    Code:
    1. Saturday Night, Shower and shave.
    2. Polish the black Justins.
    3. Dust off the Stetson.
    4. Dress with nice western shirt, jeans, Justins and Stetson. Skoal in back pocket.
    5. Drive to honkey tonk.
    6. Enter honkey tonk.
    7. Order three shots whiskey at bar and slam 'em down.
    8. Order beer for chaser.
    9. Turn around and scan the floor.
    10. Promiscuous Mode ON!
    Just hadda do that.

  3. #13
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    If you set the domain policy such that the clients don't cache passwords then there will be no passwords or their hashes from the domain stored on the client. The authentication will have to take place over the network.

    To test for this setting log in as a domain user that has rights on the local machine. Log out, disconnect the network cable and try logging in as the same domain user. If it comes back telling you the domain can't be found then the setting is set correctly. If it logs you in to the local machine then it is not.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •