hi,
I have installed ATA center and gateway in a lab environment.
Can anyone
provide a few examples on how can I simulate abnormal behavior in the lab environment
T Thanks
how to generate events of abnormal behavior
August 12th, 2015 4:31am
Hello,
For Pass-The-Hash, Pass-The-Ticket and Golden ticket you could use the Mimikatz tool but only on lab environment.
Regards,
Free Windows Admin Tool Kit Click here and download it now
August 12th, 2015 5:54am
Would be awesome to get hands on the tool demo'ed in this webcast - https://channel9.msdn.com/events/Ignite/2015/BRK3870
Great for demo purposes for presales activities.
August 27th, 2015 7:23pm
Also, just learnt this: the ATA Center requires a minimum of 21 days of data for user behavioral analytics...so you may have to wait for 21 days before anything pops up in the Console...
https://technet.microsoft.com/en-us/library/dn707709.aspx
Free Windows Admin Tool Kit Click here and download it now
August 31st, 2015 9:44pm
you still get information in the console. the known attack methods still display. i have seen this in both the preview and now the GA bits for things like broken trust and unsecure LDAP bind... thanks!
September 2nd, 2015 3:30pm
This topic is archived. No further replies will be accepted.
Other recent topics
