Hadoop (HDP) cluster kerberos authentication implementation, for security reasons, this article hides some system names and service names, and modified some of the parts that may cause information leakage.
Corporate Smartphone Security (C) - Aim at domain controllers and look for Golden Ticket. Before leaving the internal network, we decided to get the hash of the domain controller, especially the Kerberos account (krbtgt) and wanted to create a Golden Ticket *. Golden Ticket refers to the forged TGT (Ticket Granting Ticket). Similarly, the Silver Ticket is a forged TGS (Ticket Granting Server).
Kafka configures SASL authentication and permission fulfillment documentation. First, the release notes This example uses: zookeeper-3.4.10, kafka_2.11-0.11.0.0. zookeeper version no requirements, kafka must use version 0.8 or later. Second, zookeeper configuration SASLzookeeper cluster or single node configuration the same. Specific steps are as follows: 1, zoo.cfg file configuration add the following configuration: authProvider.1 = org.apa ...
Company Smartphone Security (B) - Aim WSUS Server. After scanning found that there are two hosts to meet our needs, send us a stable remote shell. They are WSUS (Windows Update Server) and Antivirus (Antivirus Related Server), respectively, because these services must have Internet access to update the database, let's start from the first. There is an interesting question, NTLM hash of the local administrator is enough to access this server? Perhaps our answer is yes. In a public ...
The Windows 2000 platform establishes a high security base for access control of enterprise-critical information. can support smart card (smartcard) based authentication, Kerberos, public Key Infrastructure (PKI), encrypted file storage, and network traffic. Powerful management tools ensure that all windows-based client and server systems fully implement the user's security policy. An adaptable platform for rapid deployment of new programs: In the next few years, enterprises ...
This version of the 50x15 Wizard is not successfully connected, the best way is to configure the 50x15 installation file with the Tdisol, by modifying the configuration file to add LDAP server certificate trust to connect to the LDAP server, and then run the relevant TDI command to import the LDAP user into the Connecgtions database. Of course, if allowed, you can also upgrade 50x15 3.0 to 4 ...
Company Smartphone Security (a) - From APK to Golden Ticket: Initial Probing, Getting Domain Admin Access from an Android Smartphone, and More ... This article describes the potential dangers of using a personal smartphone in an enterprise network, These cases are typical after the actual case has occurred. It turns out that it is not difficult to trick an employee into installing a malicious application, bypassing network protection, accessing corporate networks, elevating and obtaining confidential information. In addition, it turns out that bypassing all protection mechanisms (including anti-virus software) without being discovered ...
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.