To summarize Windows groups from the malicious hackers perspective:
Members of the local Administrators group are the juiciest targets on a Windows system
because members of this group inherit complete control of the local system. Domain
Admins and Enterprise Admins are the juiciest targets on a Windows domain because
members of those groups are all-powerful on every (properly con? gured) machine in
the domain. All other groups possess very limited privileges relative to Administrators,
Domain Admins, or Enterprise Admins. Becoming a local Administrator, Domain Admin,
or Enterprise Admin (whether via directly compromising an existing account or by
adding an already-compromised account to one of those groups) is thus almost always
the ultimate goal of an attacker.
Subscribe to:
Post Comments (Atom)
0 comments
Post a Comment