295
posted ago by ostof ago by ostof +295 / -0

Nerdpedes,

have a look at

https://security.stackexchange.com/questions/64915/what-are-the-biggest-security-concerns-on-pxe

Best of:

I can capture a full machine image. Do your systems automatically connect to the domain controller after setting up the machine? If so, this image probably has domain controller credentials on it, that I can capture and use elsewhere.

Computer makes a DHCP request --> DHCP server responds with address and PXE parameters --> Computer downloads boot image using TFTP over UDP

If the good guys got the traffic on that low level, unencrypted. Then they would have it all.