Security Risk Advisors

Category: Red Teams

Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 3 of 5)

May 16, 2011 | Posted in Red Teams by Chris Salerno

3. Your remote access technology uses a blank or easily guessable password

You may be noticing a pattern by now; blank or weak passwords that lead directly to system administration.  Remote administration technologies make life easier for administrato… Continue Reading

Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 2 of 5)

May 12, 2011 | Posted in Red Teams by Chris Salerno

2. The local administrator password is blank or easily guessable

Once again, this one isn’t rocket science, but we still see this issue all too often.  Whether it’s that third-party vendor system that no one can change the password on or an Administra… Continue Reading

Top 5 Simple Ways I Became Domain Administrator on your Internal Network and How to Prevent them from Happening (Part 1 of 5)

May 6, 2011 | Posted in Red Teams by Chris Salerno

Your internal network is open to attack.  Having done over thirty internal penetration tests and obtained domain/enterprise administrator access on each one, a pattern begins to develop.  This series lists the top five simple ways we see internal net… Continue Reading