BlueTeam, LDAP, Nmap, RedTeam, Windows

Searching LDAP using Nmap’s ldap-search.nse script

Nmap has an NSE script, ldap-search.nse, that enables performing queries against LDAP ( Lightweight Directory Access Protocol) services. The goal of this post is to provide an introduction to using the script as well as a couple of practical examples. Continue reading

BlueTeam, Information Security, RDP, TLS

Hardening Microsoft Remote Desktop Services (RDS)

As systems administrators we are often tasked with implementing countermeasures to mitigate risks that we can’t completely address. The intent of this post is to cover methods of reducing the risk presented by having Remote Desktop Services (formerly Terminal Services) available on the network.

The risks that I will cover are:

  • Man in the Middle attacks
  • Sniffing / Traffic capture
  • Brute Force Attacks
  • Information Disclosure

Continue reading