Security in Active Directory??

Where does security come into Active Directory? When a user logs onto the domain controller, are those passwords stored in a hash? If so, then what's actually to stop a user from running Wireshark, for example, and sniffing out that traffic and finding the hash and just using the hash to log on, because technically you don't need the clear password, just the hash? Doesn't Active Directory have any other means of encryption for stuff like this, and where do you configure it? I'm not talking about Kerberos; that's not exactly encryption but just a secure ticketing system. I'm also not talking about VPNs with IPsec from external connections.
It's just something I'm curious about, and how secure Active Directory actually is. I haven't come across anything really to do with security in Active Directory so far online, and there's nothing in the CBT Nuggets 410 series either.
