Monthly Archives: April 2013

Scan fast multiple subnets to CSV files

Posted on by

I need multipe subnets scanned and need an outpu to a CSV file.

For this i will use a program called Softperfect Network Scanner. You candownload it from their website or download it here: [wpdm_file id=80]

First i’ll create an config file which has the settings i need:

I only need the ip, hostname and response time. So i will hide the MAC address from the View menu (Visible Columns). Also i do not need to scan a mac address and shared folders which are enabled by default. I will open the Program Options under the Options memu (or CTRL+K) and deselect the resolve MAC addresses under the Additional tab. Under the Shares tab i deslect the Scan for shared resources.

Now my config is like I want it, I need to save it to a xml file. I save the running config file to xml. Choose File, Current Config, Save to file and place it with the netscan.exe in a folder.

In the online manual you can read all other parameters to scan, but i use the simple command:

netscan /range:172.16.0.1-172.16.0.255 /auto:result.csv

This command will scan all devices within the 172.16.0.0/24 range and save it to a file called result.csv

Optimizing NTLM authentication flow in multi-domain environments

Posted on by

source

8037_image_thumb_524E26B7

 

  1. Client (GUYTEWKS) sends username (EMEA\guyte) to FILESRV01.americas.bigcorp.net
  2. FILESRV01 generates NTLM challenge and sends it back to the client
  3. The client sends NTLM response, containing the encrypted user password hash, to FILESRV01
  4. FILESRV01 passes the authentication request to a DC in the domain it is member of to which it has a secure channel active (USDC01.americas.bigcorp.net in our case)
  5. The USDC01 DC sees that the authentication request is not for its own domain and consults the trust information. AMERICAS domain does not have a direct trust with EMEA domain, but the forest root domain does, hence the DC in AMERICAS domain decides to rout the request to a DC in ROOT domain
  6. USDC01 passes the authentication request to a DC in ROOT domain to which it has an active secure channel (ROOTDC01.bigcorp.net)
  7. ROOTDC01 receives the request, but can not authenticate it locally. Fortunately ROOT domain has a trust with EMEA domain and ROOTDC01 routs the request to a DC in EMEA domain
  8. ROOTDC01 passes the authentication request to a DC in EMEA domain to which it has an active secure channel (EUDC01.emea.bigcorp.net)
  9. EUDC01 sees that it can authenticate the request locally and verifies the credentials.
  10. We are going all the way back (the way we came from) to FILESRV01 to tell it whether the authentication attempt was successful

Read the webpage in PDF:[wpdm_file id=79 title=”true” ]