HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Active Directory network protocols and traffic
Go to: HSC Trainings
Search:  
Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication
 
 
o HSC Newsletter
o Press review
o Press releases
o Publications
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Active Directory network protocols and traffic  
> Access to the content HTML Beginning of the presentation
PDF PDF version [886 KB]  
> Description Active Directory network protocols overview: DNS, LDAP, Kerberos V, SNTP, SMB/CIFS, MSRPC. Network analysis of these protocols using the ethereal network analyzer (http://www.ethereal.com/)  
> Context & Dates Talk presented during a Windows Security group meeting (OSSIR), on 13 September 2004.
 
> Author Jean-Baptiste Marchand 
> Type [ French - HTML ]  
> Abstract &
Table of content
Flyleaf
Agenda
Active Directory network protocols
Internet protocols: DNS
Internet protocols: LDAP
Internet protocols: Kerberos V
Internet protocols: SNTP
Proprietary protocols: SMB/CIFS
Proprietary protocols: MSRPC
Network authentication
Network traffic analysis: goals
Network traffic analysis: methodology
Network traffic typology
Protocol Hierarchy function
TCP conversations
UDP conversations
Network traffic filtering
Display filters examples
Kerberos authentication: SMB, MSRPC, LDAP
Typical scenarios
DNS and CLDAP traffic
DNS traffic: dynamic updates (1/2)
DNS traffic: dynamic updates (2/2)
LDAP traffic
MSRPC traffic (1/2)
MSRPC traffic (2/2)
Kerberos traffic
Active Directory Service Principal Names (SPN)
Registered SPN on a AD DC
Kerberos tickets of a domain user (Windows 2000)
Kerberos tickets of a domain user (Windows XP)
Kerberos tickets on a domain controller (1/2) (LOCALSYSTEM logon session)
Kerberos tickets on a domain controller (2/2) (LOCALSYSTEM logon session)
Kerberos traffic: errors
Kerberos tickets decryption
Active Directory replication
FRS replication (File Replication Service)
SNTP traffic
Other approaches
Conclusion
References: network traffic
References: DNS
References: Kerberos
References: LDAP
References: SMB/CIFS and MSRPC
References: SNTP
Thanks  
> Related documents
themeWindows
[Course]  Windows Security
[Tool]  SSToPer tool [A Linux implementation for SSTP client - English]
[Presentation]  Rainbow Tables and accents characters on Windows [31 May 2007 - French]
[Presentation]  Workstation Security [29 March 2007 - French]
[Tip]  Presentation of Alternates Data Stream (ADS) of NTFS [28 October 2005 - French]
[Presentation]  MSRPC NULL sessions - exploitation and protection [29 June 2005 - English]
[Tip]  Windows remote administration tools overview [15 June 2005 - English]
[Article]  Windows log files [6 June 2005 - English]
[Presentation]  Active Directory network protocols and traffic [4 May 2005 - English]
[Tip]  Minimizing Windows Server 2003 network services [6 April 2005 - English]
[Presentation]  Running with least privilege on Windows systems [7 February 2005 - French]
[Presentation]  SSLtunnel for Windows [22 September 2004 - French]
[Presentation]  Windows network services [13 January 2004 - French]
[Presentation]  Windows network services internals - HiverCon 03 [6 November 2003 - English]
[Article]  Windows network services internals [22 October 2003 - English]
[Presentation]  Windows network services for Samba folks [14 April 2003 - English]
[Article]  Security model of Windows systems [14 October 2002 - French]
[Tip]  Minimization of network services on Windows systems [2 September 2002 - English]
[Article]  Windows systems network services - Case study with Windows 2000 and Windows XP [6 June 2002 - French]
[Tip]  Minimizing network services on Windows systems [3 June 2002 - French]
[Tip]  Remote administration of Windows systems (Part 2) - rpcclient [18 February 2002 - French]
[Tip]  Remote administration of Windows systems (Part 1) - SSH [19 November 2001 - French]
[Presentation]  IP filtering and IPsec in Windows 2000 [7 September 2001 - French]
[Presentation]  Microsoft & Security: Beware Danger [13 March 2001 - French]
[Presentation]  Windows NT network flows [24 September 1998 - French]
[Article]  NT4 registers related to security [April 1998 - French]
> Copyright © 2004, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 28 September 2004 at 13:30:34 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants