10 Deadly Sins of Administrators about Windows Security

Post on 21-Dec-2014

More info on http://www.techdays.be

Transcript of 10 Deadly Sins of Administrators about Windows Security

10 Deadly Sins of Administrators about Windows Security

Paula Januszkiewicz
CQURE: IT Security Auditor, MVP: Enterprise Security, MCT
http://blogs.technet.com/plwit/ paula@cqure.pl

Follow us on:

http://facebook.com/MVPpress

http://twitter.com/MVPpress

MVP-Press Training Course

Planning, Deploying and Managing Microsoft Forefront Threat Management Gateway 2010

Available for online purchase: http://www.mvp-press.com

Agenda

1. Introduction

2. Top 10 Sins: From bottom to top

3. Summary

10. Weak Passwords

Demo: Weak Password or… No Password

9. Insecure Internet Browsing

Demo: If you pay peanuts, you get monkeys…?

8. Lack of updates

7. Lack of Encryption

Demo: HTTPS Traffic

Demo: Offline Access

6. WYSI (NOT) WYG

Demo: Explorer.exe

5. Network Monitoring

Demo: Evil Website & Sniffing

4. Pirated Software

Demo: Malware on Board

3. Lack of Backup Mechanisms

Demo: EntryTTL

Entry TTL!

Ouch!

2. Lack of Training

Demo: Image Hijacks

1. Lack of Documentation

Demo: Autoruns

Life without passwords…

Summary

Top 10 List

10. Weak Passwords

9. Insecure Internet Browsing

8. Lack of Regular Updates

7. Lack of Encryption

6. WYSI (NOT) WYG

5. Lack of Network Monitoring

4. Using Pirated Software

3. Lack of Backup Mechanisms

2. Lack of Training

1. Lack of Documentation

Be Proactive!

• Infrastructure must be well documented
• Split and rotate tasks between admins
• Use the legal code
• Perform periodical checks
  • Autoruns
  • Kernel Level Files
  • Network Traffic
  • Processes

Source: Heard.TypePad.com

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.