Great video. The million-dollar question: by making these changes, what could possibly break? It's fine in a lab, but in production this question has to be asked. I know it has to be done, but management will want to know what impact this change could have on the environment. Will production systems, old and new, stop communicating? Thanks for the video.
Great tutorial. This is still an ongoing problem for organizations with legacy systems, where they simply cannot afford to disable LLMNR and NBT-NS. Guess one of the mitigation actions is to enforce a strong password policy standard, say a minimum of 16 characters, to deter offline cracking.
Great point! I'd argue that the long-term plan is to get those legacy devices upgraded, and the short-term plan is to make sure they're isolated on their own networks without users logging into them. A strong password policy will help with the cracking aspect, but it doesn't prevent NTLMv2 Relay attacks unless SMB Signing is also enforced across the organization.
@InfiniteLogins I agree with you most definitely, I forgot to mention SMB Signing as another mitigation earlier. Oh, by the way, I enjoy your tutorials. Keep up the good work, and thank you.
Hi, I have my Windows Server in Hyper-V. Right now I am practicing attack and defense in AD. I wanted to attack my lab misconfigurations from my Windows system. How should I configure my server so that I don't have to install another OS on Hyper-V just for attacking (because I don't have a powerful computer)?
@InfiniteLogins Glad you replied. It's just that, can I attack my Windows server, which is installed in Hyper-V, from my system OS? Like, how do I do Kerberoasting from my Windows system to the server which is on Hyper-V?