ITCamp 2011 - Paula Januszkiewicz - Password secrets revealed
Paula Januszkiewicz IT Security Auditor, MVP Enterprise Security, MCT Women in Technology CQURE...
Useful Hacker Techniques: Which Part of Hackers' Knowledge Will Help You in Efficient IT Administration?
Paula Januszkiewicz
IT Security Auditor, MVP Enterprise Security, MCT
Women in Technology
CQURE
SESSION CODE: SIA333
Agenda
1. Hacker role in IT development
2. Hacker Techniques and Demos
3. Things you should remember and summary
Hacker Role in IT Development
Check who are you talkin’ to
Summary
Offline access
Hotfix analysis
Windows Debugger
Encryption + protection
At least scripting language...
Test your users
Have your own toolkit
Keep your knowledge up to date
Hacker Role in IT Development
Make the IT security world run
Encourage us to be up to date
Test the newest technology
What is the difference between techniques and habits?
Check Who Are You Talkin’ to
My DNS is…
My mail server is…
I am the administrator, my name is…
nslookup
> set type=all
> victim.com

Check yourself, they do fingerprinting

Interesting ports on 172.18.10.11:
Not shown: 1694 closed ports
PORT STATE SERVICE
21/tcp open war-ftpd
25/tcp open smtp
42/tcp open nameserver
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
119/tcp open nntp
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
(…)
3389/tcp open ms-term-serv
Device type: general purpose
Running (JUST GUESSING) : Microsoft Windows 2003 (94%)
Nmap printout
Offline Access
Bypasses operating system’s security mechanisms
Access Control Lists (ACL)
Watchdogs
Open files
SAM database - allows password reset
Easy to use by each user
Difficult to use by externals

Offline Access
Access to the damaged system
File recovery
Password recovery
Full disk problems
Offline Access
How to recover from the system crash?
How to read user’s password from Active Directory?
DEMO
Hotfix Analysis
Why are hotfixes released?
Hacker’s usage
Change analysis
Vulnerability / improper system setting area
Limited time
Administrator’s usage
What will be changed if I install it?
Do I really need this?
Use Debugger
Various choices
SoftICE
WinDbg
DEBUG
IDA Pro
One idea: to look through the code and data structures
Administrators: Crash dump analysis
Process Explorer
Why Data Protection Matters
“More than 100 USB memory sticks, some containing secret information, have been lost or stolen from the Ministry of Defense since 2004, it has emerged.” – BBC News, July 2008
“Some of the largest and medium-sized U.S. airports report close to 637,000 laptops lost each year, according to the Ponemon Institute survey released Monday” – PC World, June 2008
Use Data Encryption
Different levels of encryption
File format level
Active Directory Rights Management Services
3rd party tools – for single files / folders
System level
Volume level, hardware based
Can be used together
Prevents offline attacks
Use Transmission Encryption
Different levels of encryption
Application / Format Based
Secure Sockets Layer
IPSec / tunneling (PPTP, L2TP)
Physical encryption
Makes data disclosure and manipulation harder
Know At Least One Scripting Language
Hackers love scripts
Perl
Python
You should love PowerShell 2.0
Server Role management modules
Server management
Remoting
Microsoft Common Criteria

Windows PowerShell
Account Enumeration, Service Accounts, Service Location, Service File Replacement
DEMO
Test Your Users
Play a social engineer role
Monitor them…
…and show you do it
Break users’ passwords
Train them well
Have Your Own Toolkit
Internet Browser is sometimes enough
CMD and built-in system tools
Specialist tools
Your own scripts
Social engineering skills
PowerShell 2.0
Keep Your Knowledge Up To Date
IT resources
Mailing Lists
Blogs / RSS
Webcasts
Know the legal regulations in your country
Security bulletins
Microsoft
SANS
ISS
Other
Summary
Hackers are evil but usually very smart; we can learn a lot
Human nature, not technology, is the key to defense against penetration attempts
Hackers succeed because they learn faster than administrators
...and test all demos at home!