Gregory's Server@thegibson - about a year after that I was testing an ISP’s out of band management network when I noticed a flood of ICMP TTL expired fly across my tcpdump window. (Always recorded all my tests)
A second later their two largest, most powerful, routers crashed due to a routing loop.
The worst part was before I started I confirmed with the network team there were no routing loops because I wanted to be more aggressive with scanning.
@thegibson - impressively, not my failure , but my team mate somehow deleted everyone from domain/enterprise administrators.
The recovery was amazingly dumb. After several failed attempts to hack in and elevate privs one of us realized Tripwire ran as administrator. He threw together a batch script to add himself to domain admins and within minutes he was in.
In hind site we spent a lot of time hardening AD and the controllers. Don’t get to see that as much as I’d appreciate