
I have a remote server where I want to acquire admin access by opening the admin share with:

net use \\123.123.123.123\admin$ password /user:username

This is in order to issue the following command later:

sc \\123.123.123.123 query tomcat7-8888

After a while of waiting for net use to finish, I get system error 53 network-path not found. I then googled and found the group policy setting:

Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers

might help.

It didn't make a difference though.

Any idea how to make it work? Is it even advisable to open a box up like this in terms of security?

Adder
  • The most likely cause is the firewall configuration on the server. You should probably undo whatever group policy changes you've made on the client. – Harry Johnston Aug 01 '19 at 04:24

1 Answer


Kerberos is not used when you connect to SMB shares by IP address; if a client tries to connect to, e.g., a share by its IP address, it falls back to NTLM.

NT LAN Manager (NTLM) is a proprietary Microsoft security protocol for providing authentication in the Windows operating system. NTLM has a number of known vulnerabilities, including that it uses weaker cryptography and has no server authentication.

The workaround/solution:

  1. Allow NTLM with GPO or local policy. Or add exceptions like in this guide.

  2. Use FQDN/PQDN for connection instead of IPs

batistuta09
  • Do you have some reason to think that the OPs problem is related to NTLM? Since the request is timing out, it seems more likely that the remote machine is firewalled. – Harry Johnston Aug 02 '19 at 08:45
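
The two explanations raised in this thread (a firewall blocking SMB versus outgoing NTLM being restricted) can be told apart from the client before any policy is changed. The script below is an added example, not code from the question or the answer; it assumes the policy quoted in the question is backed by the `RestrictSendingNTLMTraffic` registry value and its exception list by `ClientAllowedNTLMServers`, and the `$Target` parameter name is illustrative.

```powershell
# Added example: client-side triage for "system error 53" on net use.
param(
    [string]$Target = '123.123.123.123'   # address from the question; replace with your server
)

# 1. Is TCP 445 (SMB) reachable? A timeout here points at a firewall, not at authentication.
$probe = Test-NetConnection -ComputerName $Target -Port 445 -WarningAction SilentlyContinue
$smbReachable = [bool]$probe.TcpTestSucceeded

# 2. An IP literal as target means Kerberos is not used and the client falls back to NTLM.
$parsed = $null
$isIpLiteral = [System.Net.IPAddress]::TryParse($Target, [ref]$parsed)

# 3. Read the local "Restrict NTLM: Outgoing NTLM traffic to remote servers" setting.
#    0 or missing = Allow all, 1 = Audit all, 2 = Deny all.
$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$lsa    = Get-ItemProperty -Path $lsaKey -ErrorAction SilentlyContinue
$policy = $lsa.RestrictSendingNTLMTraffic
if ($null -eq $policy) { $policy = 0 }
$policyName = switch ($policy) { 1 { 'Audit all' } 2 { 'Deny all' } default { 'Allow all' } }

# 4. Servers exempted from the restriction (empty when no exceptions are configured).
$exceptions = @($lsa.ClientAllowedNTLMServers)

# 5. Derive the most likely cause from the facts gathered above.
$exempt = $exceptions -contains $Target
$verdict =
    if (-not $smbReachable) {
        'TCP 445 unreachable: check server and network firewalls before touching NTLM policy.'
    } elseif ($isIpLiteral -and $policy -eq 2 -and -not $exempt) {
        'Outgoing NTLM is denied and the target is an IP: connect by FQDN or add an exception.'
    } elseif ($isIpLiteral) {
        'Connection will authenticate with NTLM; prefer the FQDN so Kerberos can be used.'
    } else {
        'Port open and target is a name: Kerberos is possible; check credentials and share access.'
    }

[pscustomobject]@{
    Target             = $Target
    Smb445Reachable    = $smbReachable
    TargetIsIpLiteral  = $isIpLiteral
    OutgoingNtlmPolicy = $policyName
    NtlmExceptions     = $exceptions -join ', '
    Verdict            = $verdict
}
```

Run it on the client that issues `net use`; the exception check is a plain string match and does not expand wildcard entries in the exception list.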