Active Directory

WHAT IS ACTIVE DIRECTORY

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. However, Active Directory became an umbrella title for a broad range of directory-based identity-related services.

A server running Active Directory Domain Service (AD DS) role is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or normal user. Also, it allows management and storage of information, provides authentication and authorization mechanisms, and establishes a framework to deploy other related services: Certificate Services, Active Directory Federation Services, Lightweight Directory Services, and Rights Management Services.

Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft’s version of Kerberos, and DNS.


Wikipedia

 

Businesses of all sizes generally host directory services such as Active Directory (AD) on their network. Active Directory is a Microsoft product which consists of several services running on a Windows Server. Its purpose is to manage permissions and access to networked resources, providing your users with a simple solution to collaborate and get the job done.

 
 
This environment can quickly become neglected and open for abuse. If an adversary were to compromise your entire domain,
Active Directory is where it would be done.

Laneden Founder,
Darryl Lane

 

In our experience, AD grows organically and is a treasure trove of information for an attacker. It hosts mountains of legacy build-up accumulated over the years, including potentially thousands of forgotten network accounts, and who knows how many of those accounts have terrible, guessable passwords that allow access to your systems and data.

Laneden can carry out general configuration audits and password audits. Utilising the same techniques as malicious actors, we can help you identify and understand the potential risks associated with your directory services.

 

We deliver a simple, concise report highlighting all associated risks, password statistics, cracking statistics, general configuration concerns and remediation advice, along with best practices and techniques for helping users understand how they can help protect themselves, your business and, most of all, your customers.

Let’s work together to bring peace of mind.

 
Understanding your environment is the first step to understanding how to secure it.

Laneden Founder,
Darryl Lane

 

 

Methodology

Using a combination of automated and manual testing, our consultants will conduct a thorough assessment of your infrastructure, identifying vulnerabilities that may be exploitable by both authenticated and unauthenticated users across your network.

The use of automated tools and in-depth knowledge of manual testing allows us to accurately and effectively assess your infrastructure, maximising the time available.

Assessments are conducted in line with the current standards and methodologies utilised in the industry, such as those outlined in the Penetration Testing Execution Standard (PTES). Using PTES as guidance, Laneden defines our approach in six phases:

  • Pre-engagement
  • Intelligence Gathering
  • Vulnerability Analysis
  • Exploitation
  • Post Exploitation
  • Reporting

 

 

Deliverables
    • Our consultants engage with the client to discuss the scope and make certain all is in order prior to the assessment beginning.
    • Communications at the beginning and end of each assessment day, confirming either the assessment is starting or ending for the day.
    • On-going communications from the engaged engineer, highlighting any major issues as they come across them.
    • A comprehensive report is provided containing an executive summary which gets right to the point of the associated risks and is consumable by anyone in the organisation regardless of their technical background.
    • Clear and concise information describing each issue at hand.
    • Technical references will be provided when relevant, allowing you to gather more information on the vulnerability if required.
    • Each vulnerability will be put into context and given a risk-based score. With CVSS 3 scoring and relevant context, you can get a real picture of each associated risk.
    • Simple remediation advice, advising what is required to remediate the relevant vulnerability.

 

FREQUENTLY ASKED QUESTIONS

WHAT IS A DNS SERVER

The Domain Name System (DNS) can be thought of as an address book or a phonebook lookup. As users of computer systems, we wouldn’t want to try remembering the IP address of that catchy web site we saw on an ad. We want nice simple words: you enter ‘google.com’ into your browser, and it takes you to the web site you want. This is the handy DNS service translating that nice simple word (aka domain name) into an address the computer can talk to.

 

WHAT IS A DOMAIN CONTROLLER

A domain controller is a server on a Windows domain network. It hosts a database of network accounts, presents this to the network for authentication purposes, and can host various other services associated with Active Directory.

Active Directory’s built-in groups, such as Domain Users, Domain Computers and Domain Admins, define the users and systems that can authenticate to the domain as either a domain administrator, general user or computer system. A domain controller is the authenticator of these requests.

The domain controller defines various policies to control security settings, and general administrative functions across systems joined to the domain.

Typically, a domain (this encompasses all systems registered to or authenticated with the domain) hosts multiple domain controllers.

Any changes made on any particular domain controller would put its configuration out of sync with all other domain controllers on the network. To overcome this challenge, replication services update each trusted domain controller on the network.