Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Step to find out about server information,

Posted on 2006-06-12
2
201 Views
Last Modified: 2010-05-18
http://www.theiia.org/ITAudit/index.cfm?act=itaudit.archive&fid=5622
"
To make a manual anonymous connection, users need to run the following command from a command prompt:

     Net use \\<server ip address>\ipc$ /u:"" "" 

In this example, the user includes the server's Internet protocol address in the command (e.g., 10.10.10.10). The /u switch denotes the user account that is being employed to authenticate to the server — a null user account in this case or anonymous user connection.

After the anonymous connection is established, the user can access various security configurations on that server. The information that an attacker connecting as the anonymous user gathers is typically used in conjunction with other tools or attack methods. Such information includes:

    * Lists of computer users, including those in the Active Directory.
    * Lists of groups from the computer, including the Active Directory.
    * Security identifiers (SIDs) for user accounts.
    * User accounts for SIDs.
    * List of shared folders.
    * Account policies.
    * NetBIOS name.
    * Domain name with which the computer is associated.
    * List of trusted domains.
"

I do understand you can see all the shared folders after you execute the command above(  Net use \\<server ip address>\ipc$ /u:"" "" ). By going to that computer on you my computer //servername
But I don't understand how you can get the list of computer users using anonymous connection.
Can someone give me a demo?

0
Comment
Question by:kecoak
2 Comments
 
LVL 14

Accepted Solution

by:
canali earned 500 total points
ID: 16892526

Set objDomain = GetObject("WinNT://<server ip address>")
objDomain.Filter = Array("User")

For Each objUser In objDomain
    Wscript.Echo objUser.Name
Next

Gas
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question