When you connect to a server through an MMC console on a local computer (dsa.msc for example), what ports does the connection occur on?
Is there any kind of protection from a rogue station hijaking the connection?
Asked
Active
Viewed 615 times
1 Answers
1
If I use Computer Management and connect to another computer, it's using microsoft-ds, which is port 445. Since there's a lot of traffic in a Microsoft network traveling over 445, I'm pretty certain that they do good things to prevent it being "hijacked" - whatever you mean by that. Do you mean MiTM attacks?
In most AD domains, authentication is handled by Kerberos, so a "rogue station" doesn't have the tickets that your session has. If you don't know much about Kerberos in AD, you'll definitely want to read up on it.
mfinni
- 36,144
- 4
- 53
- 86