Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2020

Avoiding SMB Rate Limits During Authentication Attacks

During a penetration test, it's not an uncommon practice for a penetration tester to launch a password attack against Active Directory. Many times this password attack uses a list of domain user accounts that were enumerated or even just a list of potential domain user accounts that were generated randomly. Many penetration testers will either perform just a single password attack or at least 2-3 attempts, depending on domain's password lockout policy is set to.