Potential Trouble with LDAP Looms with the March 2020 Patch

preview_player
Показать описание
Potential Trouble with LDAP Looms with the March 2020 Patch
LDAP has been a problem for some time in Windows Active Directory. Microsoft delayed the latest patch for it until March. If you haven't started looking at this, there is not much time. You can evaluate and mitigate your affected clients before the patch comes out. This video will get you started with understanding the current state of your supported and patched clients, servers and domain controllers. See what will happen next. Are you ready?

References:

Sway Presentation:

Bonus script
import-module activedirectory
$out = "ldapserver,timegenerated,withoutsigning,simplebinds"
$out
$forest = get-adforest
$ErrorActionPreference = "SilentlyContinue"
$dcs = (Get-ADdomain -server $domain).ReplicaDirectoryServers
$dcs = $dcs + (Get-ADdomain -server $server).ReadOnlyReplicaDirectoryServers
$dcs = $dcs | sort-object
foreach($dc in $dcs){
$dc
$events = ""
$events = get-eventlog -logname "Directory Service" -computername $dc -newest 7 -instanceid 2147486535
foreach($event in $events){
$withoutsigning = "";$simplebinds = ""
$message = $message -split "\r\n"
$withoutsigning = $message[$upper]
$withoutsigning = $withoutsigning.Substring($withoutsigning.IndexOf(":")+1)
#$withoutsigning
$simplebinds = $message[$upper-2]
$simplebinds = $simplebinds.Substring($simplebinds.IndexOf(":")+1)
#$simplebinds
$out
}#Each event
}#Each DC
}#Each domain
  1. ShotokuTech
  2. Active Directory
  3. LDAP
  4. Signing
  5. Binding
  6. Patch
Рекомендации по теме
Potential Trouble with 0:09:19

Potential Trouble with LDAP Looms with the March 2020 Patch

LDAP Patch Crisis 0:11:41

LDAP Patch Crisis Averted For Now Maybe - Latest Information

QTNA #49: LDAP 0:05:15

QTNA #49: LDAP Injection

BHIS | Coercions 1:36:04

BHIS | Coercions and Relays – The First Cred is the Deepest with Gabriel Prud'homme | 1.5 Hours...

Securing Java Applications 0:43:01

Securing Java Applications in the Age of Log4Shell

Secure all the 1:24:12

Secure all the Things! Kerberos, LDAPS, DNS

My Simpleshow - 0:02:32

My Simpleshow - Bromium

Benefiting from Java 0:44:58

Benefiting from Java 9 Improvements

How News Corp 0:50:41

How News Corp Australia Secured Their Digital Transformation Through Identity and Access Management

90th airhacks.tv Questions 0:53:29

90th airhacks.tv Questions and Answers

osquery Office Hours 0:31:03

osquery Office Hours 2024 05 21

Linkurious SDK: Build 0:28:30

Linkurious SDK: Build enterprise-ready graph applications faster

Surge 2012 ~ 0:49:20

Surge 2012 ~ David Pacheco ~ When Node.js Goes Wrong.

Realizing the rate 0:23:16

Realizing the rate management potential of OPERA to maximize revenue

Wargames ~ Java 0:40:20

Wargames ~ Java vulnerabilities and why you should care By Gerrit Grunwald

Building the Fastest 2:08:55

Building the Fastest Java Applications using Open Source

GDPR is Here 0:56:36

GDPR is Here Learn How HashiCorp Vault Can Help with Compliance

Kemp Per App 0:44:11

Kemp Per App Load Balancing with Jason Dover

Wargames - Java 1:08:01

Wargames - Java vulnerabilities and why you should care (06 juin 2024) by Gerrit Grunwald

OpenLM Core Functionality 0:31:29

OpenLM Core Functionality , embedded and advanced license reporting

Big Releases by 0:29:27

Big Releases by VMware & Citrix, HP Acquires Bromium, Teams Vulnerability & More

Easy OAuth with 1:39:39

Easy OAuth with the Durable Spring Authorization Server

Bill Batchelder - 1:07:01

Bill Batchelder - 'Evolving Dominance Hierarchies and Naming Conventions'

CGR- Dr. Richard 1:05:51

CGR- Dr. Richard Cheng, 3/23/22

Комментарии
Автор

Thanks for the video, but the music was distracting.

steventitus
Автор

Thanks for the video, we're currently working on this issue. This could be a bad day for a lot of organizations. Really not too happy with MS and their lead time on this. We've been looking at our insecure LDAP binds and we've got a lot of work to do as well.

InquisiitorWHK