internal-network.md

File metadata and controls

59 lines (40 loc) · 2.32 KB

Internal Network

Now that we have a basic understanding of networking, let's look at a corporate internal network, which typically consists of the following:

  • Networking devices
  • Host devices such as laptops and desktops
  • Security devices such as firewalls, IDS, IPS, etc.
  • Users and Groups
  • Access control
  • Applications & Data

Corporate organizations rely on centralized access control, and a directory service is what provides it.

Active Directory

  • A directory service (similar to a database) offered by Microsoft
  • Consists of Users, Groups, ACLs, Domains, Trusts, etc.
  • Stores account information such as user names, user IDs, password hashes (not plaintext passwords), rights, relationships, etc.
  • Provides access control, authentication, and centralized management for administrators

Domain

  • A network area that is under the control of a single authentication database (i.e. the directory)
  • A logical grouping of entities such as users, computers, servers, etc. in a network

Domain Controller

  • Server (server role) where the directory is hosted
  • Queried via LDAP to extract information
  • Usually more than one per domain for redundancy; since Windows 2000 all DCs are multi-master peers that replicate with each other (the NT4 primary/backup DC split no longer applies), although one DC still holds the PDC Emulator role

Users

  • Domain User accounts: assigned to people, stored in AD, administered by Domain Admins
  • Domain Admins: privileged accounts in AD that administer the entire domain
  • Machine accounts: assigned to laptops, desktops and servers (the sAMAccountName ends with $)
  • Service accounts: assigned to applications and services (usually identified by a Service Principal Name)
  • Local User accounts: part of the machine, usually limited to non-domain resources, administered by local admins
  • Local Admin accounts: privileged accounts on the local machine; on a domain-joined machine they can also be administered by domain administrators (e.g. via Group Policy)

LDAP

  • Lightweight Directory Access Protocol, a protocol that provides a way to access data stored in the directory (TCP 389, or 636 for LDAPS)
  • Used to fetch information from the directory, e.g. to enumerate users, groups, computers and their attributes
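The following is an added example (not part of the original notes) that ties the LDAP and Users sections together: it builds the LDAP filters used to enumerate each account type listed above, escapes caller-supplied values so they cannot rewrite the filter, and classifies returned entries by their userAccountControl bits and attributes. The domain name corp.local (and therefore the Domain Admins DN) and the entries in SAMPLE_ENTRIES are assumptions made up for the example, not data from a real directory.

```python
"""Build AD LDAP search filters safely and interpret what the DC returns.

Added example, not part of the original notes. It assumes a domain named
corp.local (so the Domain Admins DN is constructed); the entries in
SAMPLE_ENTRIES are hand-made sample data, not output from a real directory.
Send the filters with any LDAP client, e.g.
  ldapsearch -H ldap://dc01.corp.local -x -D 'user@corp.local' -W -b 'DC=corp,DC=local' '<filter>'
"""
from typing import List

DOMAIN_ADMINS_DN = "CN=Domain Admins,CN=Users,DC=corp,DC=local"  # assumed domain

# Subset of userAccountControl bit flags as documented by Microsoft.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x1000: "WORKSTATION_TRUST_ACCOUNT",   # machine account (workstation/member server)
    0x2000: "SERVER_TRUST_ACCOUNT",        # machine account of a domain controller
    0x10000: "DONT_EXPIRE_PASSWORD",
    0x80000: "TRUSTED_FOR_DELEGATION",     # unconstrained delegation
    0x400000: "DONT_REQ_PREAUTH",          # AS-REP roastable
}

# LDAP filters a pentester sends to enumerate the account types listed above.
# 1.2.840.113556.1.4.803 is the LDAP_MATCHING_RULE_BIT_AND extensible match.
ENUM_FILTERS = {
    "machine_accounts": "(objectClass=computer)",
    "service_accounts": "(&(objectCategory=person)(objectClass=user)(servicePrincipalName=*))",
    "no_preauth_users": "(&(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=4194304))",
    "domain_admins": "(&(objectClass=user)(memberOf=%s))" % DOMAIN_ADMINS_DN,
}


def ldap_escape(value: str) -> str:
    """RFC 4515 escaping for a value placed inside a filter. Without it, a
    caller-supplied name like '*)(objectClass=*' rewrites the query (LDAP injection)."""
    return "".join("\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value)


def user_lookup_filter(sam_account_name: str) -> str:
    return "(&(objectClass=user)(sAMAccountName=%s))" % ldap_escape(sam_account_name)


def decode_uac(uac: int) -> List[str]:
    return [name for bit, name in sorted(UAC_FLAGS.items()) if uac & bit]


def classify(entry: dict) -> str:
    """Map a returned entry onto the account types from the Users section."""
    uac = int(entry.get("userAccountControl", 0))
    if "computer" in entry.get("objectClass", []) or uac & 0x3000:
        return "machine account"          # sAMAccountName also ends with '$'
    if entry.get("servicePrincipalName"):
        return "service account"
    if DOMAIN_ADMINS_DN in entry.get("memberOf", []):
        return "domain admin"
    return "domain user"


# Constructed sample entries in the shape an LDAP client hands back.
SAMPLE_ENTRIES = [
    {"sAMAccountName": "alice", "objectClass": ["user"], "userAccountControl": 0x200},
    {"sAMAccountName": "svc_sql", "objectClass": ["user"], "userAccountControl": 0x10200,
     "servicePrincipalName": ["MSSQLSvc/db01.corp.local:1433"]},
    {"sAMAccountName": "WS01$", "objectClass": ["top", "computer"], "userAccountControl": 0x1000},
    {"sAMAccountName": "bob", "objectClass": ["user"], "userAccountControl": 0x400200,
     "memberOf": [DOMAIN_ADMINS_DN]},
]


def triage(entries) -> List[tuple]:
    """(account, type, flags) for each entry; the flags surface weak settings."""
    return [(e["sAMAccountName"], classify(e), decode_uac(int(e.get("userAccountControl", 0))))
            for e in entries]


if __name__ == "__main__":
    print(user_lookup_filter("*)(objectClass=*"))  # injection attempt neutralised by escaping
    for row in triage(SAMPLE_ENTRIES):
        print(row)
```

Run it and note the last row: bob is both a Domain Admin and flagged DONT_REQ_PREAUTH, the combination that makes an AS-REP roast worth the effort. The escaping function is the part worth copying into any tool that puts user input into a filter.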

Authentication & Authorisation

  • Domain-based authentication is handled by Kerberos (the default) and NTLM (the NetNTLMv1/v2 challenge-response); authorization is then enforced by ACLs against the group memberships (SIDs) carried in the user's access token
  • Host logon is handled by the Local Security Authority (LSA, running in lsass.exe); Credential Manager stores saved credentials for later use
  • Application access, such as to web services, is handled by Digest Authentication, Basic Authentication, Kerberos, etc.

Password Storage

  • AD: NTDS.dit on every writable Domain Controller (NT hashes of all domain accounts)
  • Host: SAM (local account hashes), LSASS memory (credentials of logged-on users), LSA secrets, cached domain logons in the registry, etc.
  • Application: SSO, application databases, etc.