ept security

Commonly Abused Windows Token Privileges: SeNetworkLogonRight

SeNetworkLogonRight— Access this computer from the network

Provides users given this permission the ability to access the system over the network via protocols such as Sever Message Block (SMB), NetBIOs, Common Internet File System (CIFS), and Component Object Model Plus (COM+). Another commonly used protocol that requires this privilege is RDP.

GPO Setting Path

Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment

GPO Setting Name

Access this computer from the network

Token Privilege

SeNetworkLogonRight

Associated Security Frameworks

Mitre ATT&CK: Lateral Movement (TA0008)

STIG: V-220957

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *