Не отслеживается
Тег, не отслеживаемый корпорацией Майкрософт.
Вопросы: 17
Mass amount of pass the ticket
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 64%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SultanHck
0
Баллы репутации
Hi!
We have been detecting the massive ammount of pass the ticket activity in our AD. There is an alarm generated in ad monitoring system every minute. No technique or process created or used that would indicate that the attack is pass the ticket(no mimikatze or rubeus). I would like to know how the microsoft decides if the attack is pass the ticket. according to which parameters and fields. If it is configuration issue then we would like to fix it immediately.
Войдите в систему, чтобы ответить