HSC - Presentations - Active Directory network protocols and traffic

Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet

You are here: Home > Resources > Lectures > Active Directory network protocols and traffic

Go to: HSC Trainings

Services

			Skills & Expertise
			Consulting
			ISO 27001 services
			Vulnerabilities monitoring
			Audit & Assessment
			Penetration tests
			Vunerability assessment (TSAR)
			Forensics
			ARJEL
			Training courses
			E-learning

Conferences

			Agenda
			Past events
			Tutorials

Resources

			Thematic index
			Tips
			Lectures
			Courses
			Articles
			Tools (download)
			Vulnerability watch

Company

			Hervé Schauer
			Team
			Job opportunities
			Credentials
			History
			Partnerships
			Associations

Press and
communication

			HSC Newsletter
			Press review
			Press releases
			Publications

Contacts

			How to reach us
			Specific inquiries
			Directions to our office
			Hotels near our office


		Active Directory network protocols and traffic

Access to the content

Beginning of the presentation

PDF version [128 KB]

Description

Active Directory network protocols overview. Network traffic analysis using ethereal.

Context & Dates

Talk presented during SambaXP 2005, on 4 May 2005.

Author

Jean-Baptiste Marchand

Type

[

]

Abstract &
Table of content

Flyleaf
Agenda
Introduction
Active Directory network protocols
Capturing Active Directory network traffic
Using ethereal to analyze network traffic
Display filters for Active Directory protocols
DNS and CLDAP traffic
Active Directory MSRPC interfaces
MSRPC traffic: ncacn_np transport
MSRPC traffic: ncacn_ip_tcp transport
Group Policy: introduction
Group Policy Traffic (1/2)
Group Policy Traffic (2/2)
MSRPC traffic between AD domain controllers (1/2)
MSRPC traffic between AD domain controllers (2/2)
ethereal Kerberos decryption feature
ethereal kerberos decryption applied to Active Directory network traffic
Demonstrations
Conclusion
References
Greetings

Demonstrations in Flash

Ethereal analysis of network traffic observed during an AD domain member join process (5222 KB - 6'32")
Better see it in a 1000x740 pixels pop-up
Ethereal analysis of AD domain controllers network traffic (2760 KB - 1'53")
Better see it in a 1000x740 pixels pop-up

Related documents

Windows

Windows Security

SSToPer tool [A Linux implementation for SSTP client -

]

Rainbow Tables and accents characters on Windows [31 May 2007 -

]

Workstation Security [29 March 2007 -

]

Presentation of Alternates Data Stream (ADS) of NTFS [28 October 2005 -

]

MSRPC NULL sessions - exploitation and protection [29 June 2005 -

]

Windows remote administration tools overview [15 June 2005 -

]

Windows log files [6 June 2005 -

]

Minimizing Windows Server 2003 network services [6 April 2005 -

]

Running with least privilege on Windows systems [7 February 2005 -

]

SSLtunnel for Windows [22 September 2004 -

]

Active Directory network protocols and traffic [13 September 2004 -

]

Windows network services [13 January 2004 -

]

Windows network services internals - HiverCon 03 [6 November 2003 -

]

Windows network services internals [22 October 2003 -

]

Windows network services for Samba folks [14 April 2003 -

]

Security model of Windows systems [14 October 2002 -

]

Minimization of network services on Windows systems [2 September 2002 -

]

Windows systems network services - Case study with Windows 2000 and Windows XP [6 June 2002 -

]

Minimizing network services on Windows systems [3 June 2002 -

]

Remote administration of Windows systems (Part 2) - rpcclient [18 February 2002 -

]

Remote administration of Windows systems (Part 1) - SSH [19 November 2001 -

]

IP filtering and IPsec in Windows 2000 [7 September 2001 -

]

Microsoft & Security: Beware Danger [13 March 2001 -

]

Windows NT network flows [24 September 1998 -

]

NT4 registers related to security [April 1998 -

]

Copyright