10 Deadly Sins of Administrators about Windows Security Paula Januszkiewicz Penetration Tester, MVP: Enterprise Security, MCT iDesign - CQURE:

Presentation transcript:

10 Deadly Sins of Administrators about Windows Security Paula Januszkiewicz Penetration Tester, MVP: Enterprise Security, MCT iDesign - CQURE: SIA300

Agenda: 1. Introduction  2. Top 10 Sins  3. Summary


Sin 10: Misunderstanding Passwords

- Will you share your passwords with others? We do this every day!
- How do services store passwords?
- Passwords are often similar to your other passwords
- At least one of them can be easily accessed by the administrator of the service
- Be prepared for password loss and service recovery

Demo: Passwords Never Sleep

Sin 9: Ignoring Offline Access (I will get your pendrive anyway…)

- Offline access allows someone to bypass a system’s security mechanisms
- Useful in critical situations
- Almost every object that contains information can be read offline
- It is a minimal privilege for the person with good intentions
- It is a maximum privilege for… everybody else
- Simplified offline access is acceptable if you do not value your information

Demo: Sophisticated Offline Access

Sin 8: Incorrect Access Control

Demo: (Lack of) Permissions in the Operating System

Sin 7: Using Old Technology

- The hacker’s role here is very valuable
- It is hard to be up to date with technology
- But some antiques like NT 4.0 should be thrown on the scrap heap!
- Perform periodic revisions
- Even old technology requires updates
- Sometimes it is not possible (e.g. the LNK vulnerability in W2K)
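The "periodic revision" the slide asks for starts with knowing which operating systems are actually on the network. The script below is an added example, not material from the presentation: it pulls the OS attributes of every enabled computer account from Active Directory, groups them, and flags versions that no longer receive updates. The `$Unsupported` pattern list and the 90-day staleness threshold are assumptions you would replace with your own policy; it needs the ActiveDirectory module from RSAT.

```powershell
# Added example (not from the presentation): inventory operating systems of domain-joined
# computers and flag versions that no longer receive updates.
# Requires the ActiveDirectory PowerShell module (RSAT).
Import-Module ActiveDirectory

# Assumption: starting list of end-of-life OS name fragments; maintain it yourself
$Unsupported = @('Windows NT', 'Windows 2000', 'Windows XP', 'Windows Server 2003')
# Assumption: computers that have not logged on for this long are treated as abandoned
$StaleDays = 90

function Get-OsInventory {
    param([string[]]$UnsupportedPatterns, [int]$StaleAfterDays)
    $cutoff = (Get-Date).AddDays(-$StaleAfterDays)
    Get-ADComputer -Filter 'Enabled -eq $true' -Properties OperatingSystem, OperatingSystemVersion, LastLogonDate |
        ForEach-Object {
            $os = if ($_.OperatingSystem) { $_.OperatingSystem } else { '<unknown>' }
            [pscustomobject]@{
                Name        = $_.Name
                OS          = $os
                OSVersion   = $_.OperatingSystemVersion
                LastLogon   = $_.LastLogonDate
                # true when any pattern matches the OS string
                Unsupported = [bool]($UnsupportedPatterns | Where-Object { $os -like "*$_*" })
                # true when the account exists but nothing has logged on with it recently
                Stale       = ($null -ne $_.LastLogonDate) -and ($_.LastLogonDate -lt $cutoff)
            }
        }
}

$inventory = Get-OsInventory -UnsupportedPatterns $Unsupported -StaleAfterDays $StaleDays

# Overview: how many machines run each OS
$inventory | Group-Object OS | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize

# Action list: unsupported systems that are still in use (stale ones go to cleanup instead)
$inventory | Where-Object { $_.Unsupported -and -not $_.Stale } |
    Format-Table Name, OS, OSVersion, LastLogon -AutoSize
```

The two output lists serve different follow-ups: live unsupported machines need a migration or isolation plan, while stale accounts of any OS are candidates for removal, which also shrinks the set of machines an attacker could impersonate.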

Demo: Old Technology a Little Bit Too… Old

Sin 6: Encryption… What is encryption?

- Data encryption: protects from offline access (stolen laptops, tapes)
- Transmission encryption: protects from outsiders testing the network sockets
- HTTPS: Man-in-the-Middle
- Encryption is problematic for users
- Let’s use the lower-layer encryption (BitLocker, IPsec)
- New security motto: Encrypt when you can!
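Since the slide (and Sin 9 before it) points to BitLocker as the practical answer to offline access, the natural check is whether every volume on a machine is actually encrypted with protection switched on. The script below is an added example, not the speaker’s code: it uses the BitLocker module’s `Get-BitLockerVolume` cmdlet (Windows 8 / Server 2012 or later, elevated shell) and treats an encrypted volume with suspended protection as still readable offline, because in that state the key is stored in the clear.

```powershell
# Added example (not from the presentation): audit BitLocker status on the local machine
# and list volumes that are not fully encrypted with protection switched on.
# Requires the BitLocker PowerShell module (Windows 8 / Server 2012 or later) and elevation.
function Get-BitLockerAudit {
    Get-BitLockerVolume | ForEach-Object {
        # Which protector types guard the volume key (Tpm, RecoveryPassword, Password, ...)
        $protectors = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType }) -join ', '
        [pscustomobject]@{
            MountPoint  = $_.MountPoint
            VolumeType  = $_.VolumeType
            Status      = $_.VolumeStatus        # FullyDecrypted, EncryptionInProgress, FullyEncrypted, ...
            Protection  = $_.ProtectionStatus    # Off also covers an encrypted volume whose protection is suspended
            Percent     = $_.EncryptionPercentage
            Protectors  = $protectors
            # Encrypted-but-unprotected (suspended, clear key) is still readable offline
            NeedsAction = ($_.VolumeStatus -ne 'FullyEncrypted') -or ($_.ProtectionStatus -ne 'On')
        }
    }
}

$audit = Get-BitLockerAudit
$audit | Format-Table -AutoSize

$todo = @($audit | Where-Object NeedsAction)
if ($todo.Count -gt 0) {
    Write-Warning ("{0} volume(s) are readable offline: {1}" -f $todo.Count, ($todo.MountPoint -join ', '))
}
```

The `Protectors` column is worth reading alongside the slide’s later point about being prepared for password loss: a volume with no `RecoveryPassword` protector has no recovery path if the TPM or user secret is lost.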

Demo: Easy and Useful Encryption

Sin 5: Installing Pirated Software

- Installation of software is performed on the administrative account
- Malformed installation files are not necessarily recognized by antivirus software
- UAC is not the protection method, as everybody is used to giving the installer high privileges
- Keep your toolbox up to date and keep the checksums in a different place

Do you check the file’s signatures before installation? 20 of 20 IT admins said: No…

Do you perform periodic security checks of your folder with installation files? 18 of 20 IT admins said: No?
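Both polls above (signature checks, periodic checks of the installer folder) and the "keep the checksums in a different place" advice can be turned into one routine. The script below is an added example, not code from the presentation: it builds a SHA-256 manifest of the toolbox folder once from a trusted state, stores it on a separate share, and before each use compares the folder against the manifest and checks every file’s Authenticode signature with `Get-AuthenticodeSignature`. The paths `C:\Installers` and `\\fileserver\secure\toolbox.sha256`, the file extensions covered, and the manifest line format are assumptions.

```powershell
# Added example (not from the presentation): keep a SHA-256 manifest of the installer
# toolbox on a separate, write-protected share and verify checksums and Authenticode
# signatures before anything in the folder is run with administrative rights.
$ToolboxPath  = 'C:\Installers'                          # assumption: the toolbox folder
$ManifestPath = '\\fileserver\secure\toolbox.sha256'     # assumption: manifest kept elsewhere

function Get-ToolboxFiles {
    param([string]$Root)
    Get-ChildItem -Path $Root -Recurse -File |
        Where-Object { $_.Extension -in '.exe', '.msi', '.msp', '.ps1', '.cab' } |
        ForEach-Object {
            $rel = $_.FullName.Substring($Root.TrimEnd('\').Length + 1)
            $_ | Add-Member -NotePropertyName RelativePath -NotePropertyValue $rel -PassThru
        }
}

# Manifest line format (chosen for this example): "<SHA256>  <relative path>"
function New-Manifest {
    param([string]$Root, [string]$OutFile)
    Get-ToolboxFiles -Root $Root | ForEach-Object {
        '{0}  {1}' -f (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash, $_.RelativePath
    } | Set-Content -Path $OutFile -Encoding UTF8
}

function Read-Manifest {
    param([string]$Path)
    $expected = @{}
    foreach ($line in Get-Content -Path $Path) {
        if ($line -match '^\s*([0-9A-Fa-f]{64})\s+(.+?)\s*$') {
            $expected[$Matches[2]] = $Matches[1].ToUpperInvariant()
        }
    }
    return $expected
}

function Test-Toolbox {
    param([string]$Root, [hashtable]$Expected)
    $seen = @{}
    foreach ($f in Get-ToolboxFiles -Root $Root) {
        $seen[$f.RelativePath] = $true
        $hash = (Get-FileHash -Path $f.FullName -Algorithm SHA256).Hash
        $sig  = Get-AuthenticodeSignature -FilePath $f.FullName
        $check = if (-not $Expected.ContainsKey($f.RelativePath)) { 'NOT-IN-MANIFEST' }
                 elseif ($Expected[$f.RelativePath] -ne $hash)   { 'HASH-MISMATCH' }
                 else                                            { 'OK' }
        [pscustomobject]@{
            File      = $f.RelativePath
            Checksum  = $check
            Signature = $sig.Status.ToString()   # Valid, NotSigned, HashMismatch, UnknownError, ...
            Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    }
    # Listed in the manifest but gone from disk: also worth knowing about
    foreach ($rel in ($Expected.Keys | Where-Object { -not $seen.ContainsKey($_) })) {
        [pscustomobject]@{ File = $rel; Checksum = 'MISSING'; Signature = ''; Signer = '' }
    }
}

# Usage: run New-Manifest once from a known-good state, then Test-Toolbox before each use.
# New-Manifest -Root $ToolboxPath -OutFile $ManifestPath
$report = Test-Toolbox -Root $ToolboxPath -Expected (Read-Manifest -Path $ManifestPath)
$report | Format-Table -AutoSize
$failed = @($report | Where-Object { $_.Checksum -ne 'OK' -or $_.Signature -ne 'Valid' })
if ($failed.Count -gt 0) { Write-Warning "$($failed.Count) file(s) failed verification"; exit 1 }
```

A signature status of `Valid` only says the file is intact and signed by a certificate the machine trusts; the `Signer` column is there so the reviewer also confirms it is the vendor they expected. Unsigned tools are common in admin toolboxes, which is exactly why the manifest comparison is kept as a second, independent check.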

Demo: Malware Around the Corner

Sin 4: Lack of Network Monitoring

- Violation of one well-known rule: do not allow traffic that you do not know
- Most protocols have space for data: why not put the sensitive information there and send it out?
- Malicious traffic can be easily connected to the process
- It can happen once a month
- You need context-based tools: Network Monitor, NetworkMiner, etc.
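The slide’s point that traffic "can be easily connected to the process" is the part an administrator can script without a full packet capture. The example below is added here and is not from the presentation: it lists every established TCP connection with the owning process and its executable path using `Get-NetTCPConnection` (Windows 8 / Server 2012 or later), marks binaries that are not on an allow-list, and appends each snapshot to a CSV so that the once-a-month sender shows up in the history. The allow-list entries and the log path are constructed placeholders.

```powershell
# Added example (not from the presentation): tie every established TCP connection to the
# process that owns it, so unfamiliar traffic can be traced to a binary on disk.
# Requires Windows 8 / Server 2012 or later (Get-NetTCPConnection); run elevated so that
# the executable path of every process is readable.
$KnownBinaries = @(                                  # assumption: replace with your own baseline
    'C:\Windows\System32\svchost.exe',
    'C:\Program Files\Mozilla Firefox\firefox.exe'
)
$LogPath = "$env:ProgramData\connection-owners.csv" # assumption: where snapshots accumulate

function Get-ConnectionOwners {
    param([string[]]$AllowList)
    $byId = @{}
    foreach ($p in Get-Process) { $byId[[int]$p.Id] = $p }

    Get-NetTCPConnection -State Established |
        # Skip loopback and unspecified addresses; everything else leaves the host
        Where-Object { $_.RemoteAddress -notmatch '^(127\.|::1$|0\.0\.0\.0$|::$)' } |
        ForEach-Object {
            $p    = $byId[[int]$_.OwningProcess]
            $path = if ($p -and $p.Path) { $p.Path } else { '<unknown or access denied>' }
            # StartTime throws for processes the caller cannot open; treat that as unknown
            $started = $null
            if ($p) { try { $started = $p.StartTime } catch { $started = $null } }
            [pscustomobject]@{
                Seen      = Get-Date
                Local     = "$($_.LocalAddress):$($_.LocalPort)"
                Remote    = "$($_.RemoteAddress):$($_.RemotePort)"
                ProcessId = $_.OwningProcess
                Process   = if ($p) { $p.ProcessName } else { '?' }
                Path      = $path
                Started   = $started
                Known     = $AllowList -contains $path
            }
        }
}

$snapshot = Get-ConnectionOwners -AllowList $KnownBinaries
# Unknown binaries first, so they are the first thing on screen
$snapshot | Sort-Object Known, Process | Format-Table Remote, ProcessId, Process, Path, Known -AutoSize
# A point-in-time view misses the rare sender; keep a history and review it
$snapshot | Export-Csv -Path $LogPath -Append -NoTypeInformation
```

Run it from a scheduled task every few minutes and the CSV becomes the "context" the slide asks for: a remote address that appears once a month, always from the same non-allow-listed path, is the kind of thing a single look at the wire would never show.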

Demo: Monitoring Network Traffic

Sin 3: What You See Is NOT What You Get

- Explorer.exe is owned by the user
- Lack of NTFS permissions does not mean that somebody cannot access the file
- Troubleshooting after the injection is difficult
- Rootkits influence the operating system’s behavior
- Conclusion: always have at least two methods of troubleshooting the same issue
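One concrete form of "two methods for the same issue" is to enumerate running processes through two different tools and diff the results. The script below is an added example, not from the presentation: it takes the `Get-Process` view and the WMI/CIM `Win32_Process` view, reports any PID that only one of them shows, and repeats the comparison after a short delay so that processes which merely started or exited between the two calls drop out.

```powershell
# Added example (not from the presentation): list running processes through two different
# paths (Get-Process and WMI/CIM Win32_Process) and report any process only one of them
# shows. Two passes a few seconds apart filter out processes that just started or exited.
function Compare-ProcessViews {
    $viewA = @{}
    foreach ($p in Get-Process) { $viewA[[int]$p.Id] = $p.ProcessName }
    $viewB = @{}
    foreach ($p in Get-CimInstance -ClassName Win32_Process) { $viewB[[int]$p.ProcessId] = $p.Name }

    [pscustomobject]@{
        OnlyInGetProcess = @($viewA.Keys | Where-Object { -not $viewB.ContainsKey($_) } |
                             ForEach-Object { '{0} ({1})' -f $_, $viewA[$_] })
        OnlyInCim        = @($viewB.Keys | Where-Object { -not $viewA.ContainsKey($_) } |
                             ForEach-Object { '{0} ({1})' -f $_, $viewB[$_] })
    }
}

function Find-PersistentDifferences {
    param([int]$DelaySeconds = 3)
    $first = Compare-ProcessViews
    Start-Sleep -Seconds $DelaySeconds
    $second = Compare-ProcessViews
    # Keep only entries that were missing from the same view on both passes
    [pscustomobject]@{
        OnlyInGetProcess = @($first.OnlyInGetProcess | Where-Object { $second.OnlyInGetProcess -contains $_ })
        OnlyInCim        = @($first.OnlyInCim        | Where-Object { $second.OnlyInCim        -contains $_ })
    }
}

$diff = Find-PersistentDifferences
if ($diff.OnlyInGetProcess.Count -eq 0 -and $diff.OnlyInCim.Count -eq 0) {
    'Both views agree.'
} else {
    # A process that one tool persistently cannot see is the starting point for a closer look
    $diff | Format-List
}
```

Agreement between the two views is not proof of a clean system: both run on the same kernel, so a rootkit that filters at that level can fool both. That is where the earlier slides on offline access come back in, since inspecting the disk from a trusted boot environment is the third method that does not depend on the running operating system.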

Demo: Blinded Operating System

Sin 2: Too Much Trust In People

- The cheapest and most effective attacks are often nontechnical
- People tend to take shortcuts
- It is hard to control their intentions
- They should not be a part of the security chain
- Monitor them… and show that you’re doing it
- Perform periodic audits of your infrastructure

Demo: User Becomes Evil

Sin 1: Lack of Documentation

- Is this really the admin’s sin?
- The negative side of this sin is that you need to trust people
- Most companies are not prepared for the IT staff going on a… vacation
- Set up the rules before creating the solutions

Summary

- Sin 10: Misunderstanding Passwords
- Sin 9: Ignoring Offline Access
- Sin 8: Incorrect Access Control
- Sin 7: Using Old Technology
- Sin 6: Encryption… What is encryption?
- Sin 5: Installing Pirated Software
- Sin 4: Lack of Network Monitoring
- Sin 3: What You See is NOT What You Get
- Sin 2: Too Much Trust in People
- Sin 1: Lack of Documentation & Training

- Split and rotate tasks between admins
- Eliminate at least one of the sins in your organization
- Periodically attend trainings and organize them
- Audit your environment
- Use the legal code
Source: Heard.TypePad.com
