Paul Bergson
Guest
|
 Posted:
Mon Nov 14, 2005 1:50 am Post subject:
|
|
|
Sid filtering is used when there are trusts established. There is a way to
elevate privleges from one domain to another.
Once a trust is established there is an attribute available (SIDHistory)
that can be populated with sids from other domains. If you have some one
sniffing a remote network that finds an account that has admin privleges in
the remote network, they can populate there SIDHistory attribute with the
remote if they can change there own attribute.
To prevent this there is a Sid Filter technique that can block this.
Read about all of this at:
http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
This posting is provided "AS IS" with no warranties, and confers no rights. |
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in