Starting July 04, 2016, we're going to start addressing certain matters of cyber security that today have a global impact on the security of a majority of business and government organizations worldwide.
Until then, over the next few days, I just wanted to very briefly cover a few technical aspects.
Today, I wanted to briefly cover a relatively little-known free Microsoft Active Directory analysis tool known as LDP.exe -
LDP.exe is a free Microsoft utility that can help instantly obtain vast amounts of technical Active Directory configuration data.
Specifically, if you know what to look for and where to look for it, then LDP can help you find it within seconds. Of course, it also has substantial limitations, and that's where advanced tooling comes to the rescue, but there's still a lot of basic reconnaissance that a trusted insider or intruder could perform without detection using LDP.
So, why does a simple utility like LDP.exe deserve any real-estate on this blog?
Our online cyber security intelligence indicates that IT personnel from most organizations to whose Executive Leadership (Chief Executive Officers) we had sent The Paramount Brief a few weeks ago, are today starting to search for LDP.exe.
Is this a coincidence? Most likely, not.
In all likelihood, the right questions are finally being asked at the right levels, and as a consequence, the IT departments of these organizations are (finally) just starting to take a closer and deeper look at their foundational Active Directory deployments. (And, its high time they did so.)
So, again, what does all this have to do LDP.exe being covered on a blog focused on Cyber Security?
We anticipate that in months to come, 1000s of IT professionals and Cyber Security professionals from 1000s of organizations worldwide are going to be searching for LDP.exe, perhaps because that's possibly the (novice) advice they're likely getting from Microsoft, so they can start digging deeper into the current security state of their foundational Active Directory deployments.
We wanted to help them hit the ground running with LDP.exe because if you know as much as we do about Active Directory security, then you'll know that these organizations undeniably need to know the basic stuff, and more importantly a lot more, not just yesterday, but in fact ten years ago, so we put together a quick primer on LDP for them, a link to which can be found below.
We also wanted to advise them NOT to download LDP.exe from any source except from Microsoft's official download point on Microsoft's website, to minimize the possibility of downloading a potentially malicious version of LDP.exe that may have been built and put up by an Advanced Persistent Threat (APT) for reasons you can infer. (To the astute mind: YES, sadly Microsoft has not digitally signed LDP, thus necessitating this advice.)
So here's everything you need to know to download and get started with LDP - LDP.exe for Active Directory - Official Download Source, Usage, Tutorial and Examples.