hi,
I have installed ATA center and gateway in a lab environment.
Can anyone
provide a few examples on how can I simulate abnormal behavior in the lab environment
T Thanks
Technology Tips and News
hi,
I have installed ATA center and gateway in a lab environment.
Can anyone
provide a few examples on how can I simulate abnormal behavior in the lab environment
T Thanks
Hello,
For Pass-The-Hash, Pass-The-Ticket and Golden ticket you could use the Mimikatz tool but only on lab environment.
Regards,
Would be awesome to get hands on the tool demo'ed in this webcast - https://channel9.msdn.com/events/Ignite/2015/BRK3870
Great for demo purposes for presales activities.
Also, just learnt this: the ATA Center requires a minimum of 21 days of data for user behavioral analytics...so you may have to wait for 21 days before anything pops up in the Console...
https://technet.microsoft.com/en-us/library/dn707709.aspx
you still get information in the console. the known attack methods still display. i have seen this in both the preview and now the GA bits for things like broken trust and unsecure LDAP bind... thanks!