The MH DeskReference
Version 1.2
Written/Assembled by
The Rhino9 Team
Table of Contents
=Part One=
=Essential background Knowledge=
[0.0.0] Preface
[0.0.1] The Rhino9 Team
[0.0.2] Disclaimer
[0.0.3] Thanks and Greets
[1.0.0] Preface To NetBIOS
[1.0.1] What is NetBIOS?
[1.0.2] NetBIOS Names
[1.0.3] NetBIOS Sessions
[1.0.4] NetBIOS Datagrams
[1.0.5] NetBEUI Explained
[1.0.6] NetBIOS Scopes
[1.2.0] Preface to SMB's
[1.2.1] What are SMB's?
[1.2.2] The Redirector
[2.0.0] What is TCP/IP?
[2.0.1] FTP Explained
[2.0.2] Remote Login
[2.0.3] Computer Mail
[2.0.4] Network File Systems
[2.0.5] Remote Printing
[2.0.6] Remote Execution
[2.0.7] Name Servers
[2.0.8] Terminal Servers
[2.0.9] Network-Oriented Window Systems
[2.1.0] General description of the TCP/IP protocols
[2.1.1] The TCP Level
[2.1.2] The IP level
[2.1.3] The Ethernet level
[2.1.4] Well-Known Sockets And The Applications Layer
[2.1.5] Other IP Protocols
[2.1.6] Domain Name System
[2.1.7] Routing
[2.1.8] Subnets and Broadcasting
[2.1.9] Datagram Fragmentation and Reassembly
[2.2.0] Ethernet encapsulation: ARP
[3.0.0] Preface to the WindowsNT Registry
[3.0.1] What is the Registry?
[3.0.2] In Depth Key Discussion
[3.0.3] Understanding Hives
[3.0.4] Default Registry Settings
[4.0.0] Introduction to PPTP
[4.0.1] PPTP and Virtual Private Networking
[4.0.2] Standard PPTP Deployment
[4.0.3] PPTP Clients
[4.0.4] PPTP Architecture
[4.0.5] Understanding PPTP Security
[4.0.6] PPTP and the Registry
[4.0.7] Special Security Update
[5.0.0] TCP/IP Commands as Tools
[5.0.1] The Arp Command
[5.0.2] The Traceroute Command
[5.0.3] The Netstat Command
[5.0.4] The Finger Command
[5.0.5] The Ping Command
[5.0.6] The Nbtstat Command
[5.0.7] The IpConfig Command
[5.0.8] The Telnet Command
[6.0.0] NT Security
[6.0.1] The Logon Process
[6.0.2] Security Architecture Components
[6.0.3] Introduction to Securing an NT Box
[6.0.4] Physical Security Considerations
[6.0.5] Backups
[6.0.6] Networks and Security
[6.0.7] Restricting the Boot Process
[6.0.8] Security Steps for an NT Operating System
[6.0.9] Install Latest Service Pack and applicable hot-fixes
[6.1.0] Display a Legal Notice Before Log On
[6.1.1] Rename Administrative Accounts
[6.1.2] Disable Guest Account
[6.1.3] Logging Off or Locking the Workstation
[6.1.4] Allowing Only Logged-On Users to Shut Down the Computer
[6.1.5] Hiding the Last User Name
[6.1.6] Restricting Anonymous network access to Registry
[6.1.7] Restricting Anonymous network access to lookup account names and network shares
[6.1.8] Enforcing strong user passwords
[6.1.9] Disabling LanManager Password Hash Support
[6.2.0] Wiping the System Page File during clean system shutdown
[6.2.1] Protecting the Registry
[6.2.2] Secure EventLog Viewing
[6.2.3] Secure Print Driver Installation
[6.2.4] The Schedule Service (AT Command)
[6.2.5] Secure File Sharing
[6.2.6] Auditing
[6.2.7] Threat Action
[6.2.8] Enabling System Auditing
[6.2.9] Auditing Base Objects
[6.3.0] Auditing of Privileges
[6.3.1] Protecting Files and Directories
[6.3.2] Services and NetBios Access From Internet
[6.3.3] Alerter and Messenger Services
[6.3.4] Unbind Unnecessary Services from Your Internet Adapter Cards
[6.3.5] Enhanced Protection for Security Accounts Manager Database
[6.3.6] Disable Caching of Logon Credentials during interactive logon.
[6.3.7] How to secure the %systemroot%\repair\sam._ file
[6.3.8] TCP/IP Security in NT
[6.3.9] Well known TCP/UDP Port numbers
[7.0.0] Preface to Microsoft Proxy Server
[7.0.1] What is Microsoft Proxy Server?
[7.0.2] Proxy Servers Security Features
[7.0.3] Beneficial Features of Proxy
[7.0.4] Hardware and Software Requirements
[7.0.5] What is the LAT?
[7.0.6] What is the LAT used for?
[7.0.7] What changes are made when Proxy Server is installed?
[7.0.8] Proxy Server Architecture
[7.0.9] Proxy Server Services: An Introduction
[7.1.0] Understanding components
[7.1.1] ISAPI Filter
[7.1.2] ISAPI Application
[7.1.3] Proxy Servers Caching Mechanism
[7.1.4] Windows Sockets
[7.1.5] Access Control Using Proxy Server
[7.1.6] Controlling Access by Internet Service
[7.1.7] Controlling Access by IP, Subnet, or Domain
[7.1.8] Controlling Access by Port
[7.1.9] Controlling Access by Packet Type
[7.2.0] Logging and Event Alerts
[7.2.1] Encryption Issues
[7.2.2] Other Benefits of Proxy Server
[7.2.3] RAS
[7.2.4] IPX/SPX
[7.2.5] Firewall Strategies
[7.2.6] Logical Construction
[7.2.7] Exploring Firewall Types
[7.2.3] NT Security Twigs and Ends
=Part Two=
=The Techniques of Survival=
[8.0.0] NetBIOS Attack Methods
[8.0.1] Comparing NAT.EXE to Microsoft's own executables
[8.0.2] First, a look at NBTSTAT
[8.0.3] Intro to the NET commands
[8.0.4] Net Accounts
[8.0.5] Net Computer
[8.0.6] Net Config Server or Net Config Workstation
[8.0.7] Net Continue
[8.0.8] Net File
[8.0.9] Net Group
[8.1.0] Net Help
[8.1.1] Net Helpmsg message#
[8.1.2] Net Localgroup
[8.1.3] Net Name
[8.1.4] Net Pause
[8.1.5] Net Print
[8.1.6] Net Send
[8.1.7] Net Session
[8.1.8] Net Share
[8.1.9] Net Statistics Server or Workstation
[8.2.0] Net Stop
[8.2.1] Net Time
[8.2.2] Net Use
[8.2.3] Net User
[8.2.4] Net View
[8.2.5] Special note on DOS and older Windows Machines
[8.2.6] Actual NET VIEW and NET USE Screen Captures during a hack
[9.0.0] Frontpage Extension Attacks
[9.0.1] For the tech geeks, we give you an actual PWDUMP
[9.0.2] The haccess.ctl file
[9.0.3] Side note on using John the Ripper
[10.0.0] WinGate
[10.0.1] What Is WinGate?
[10.0.2] Defaults After a WinGate Install
[10.0.3] Port 23 Telnet Proxy
...
arturosailor