
Hacking Windows 2000

What to do first?

- Patch: of course the first thing to do is apply SP3 and the critical updates. More will come…
- Null session countermeasure: RestrictAnonymous using the Local Security Policy applet.
- Disable NetBIOS over TCP/IP:
  - Open Network and Dial-Up Connections, select Local Area Connections, Internet Protocol (TCP/IP) Properties, Advanced, select the WINS tab and disable NetBIOS over TCP/IP. This disables connection to port 139.
  - Again in Network and Dial-Up Connections, select Advanced from the toolbar, Advanced Settings and de-select File and Printer Sharing. This disables connection to ports 139 and 445.
- Close ports: TCP LDAP and Global Catalog (Active Directory) at the firewall. See table 6.1 for 2k ports. Terminal Server TCP
- Disable: zone transfers, SNMP service in servers (see next chart).

Zone transfers, SNMP, etc (3)

- Check that NetBIOS enumeration is closed: use nat xxx.xxx.xxx.xxx
- Change SNMP from public to private community name to prevent SNMP enumeration.
- Block Win 2000 DNS zone transfer (AD and DNS): Computer Mgmt, Services and Applications, DNS; allow transfers only to specified servers, not to all as is the default (WS not vulnerable).
- Check security settings on Domain Controller ports 389 and 3268 (Active Directory). Filter these ports at the network border router (firewall). Remove the Everyone group from access.
- Lock BIOS setup and boot from HD only; otherwise the machine is vulnerable to NTFSDOS combined with l0phtcrack.

What else?

- Set IPSec: block ping, set filters for host-based port filtering. You can use the command prompt (Ipsecpol.exe -- see book for examples) or the graphical dialogs from the Local Security Policy applet.
- Passfilt: enable Passfilt to strengthen passwords.
- Kerberos V5: only Win2K machines have it; it downgrades to NT and LAN Manager authentication if Win 9x/NT machines are involved.
- DoS: only the gateway/firewall can actually prevent it, but Win2k provides registry keys you can tinker with when under attack (to help, not solve the problem).
- AD vs SAM: AD in domain controllers, SAM in WS and ordinary servers, with the same NT vulnerabilities, but uses SYSKEY by default. SYSKEY can be bypassed (use NTFSDOS) and hashes added to the SAM.
- EFS attack: deleting the SAM blanks the Administrator password! This allows logging in as Administrator (the recovery agent) and decrypting the content of the files (just open and save in a regular folder). Set a BIOS password and boot from the C: drive only. It is possible to back up the recovery keys.
- Others: LSA secrets, AD replication, Terminal Server (3389). Use runas.exe.
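To verify the port-related countermeasures from the slides, the check below parses `netstat -an` output and reports any listener still open on the ports the slides name. It is an added example, not part of the original presentation; the netstat sample is constructed, and UDP 161 is the standard SNMP port, which the slides do not state.

```python
import re

# Ports named in the slides, mapped to the countermeasure the slides give.
# Assumption: UDP 161 is the standard SNMP port (slides name the service only).
WATCHED = {
    ("TCP", 139): "NetBIOS session: disable NetBIOS over TCP/IP (WINS tab)",
    ("TCP", 445): "SMB: de-select File and Printer Sharing",
    ("TCP", 389): "LDAP (Active Directory): filter at the border firewall",
    ("TCP", 3268): "Global Catalog: filter at the border firewall",
    ("TCP", 3389): "Terminal Server: filter at the border firewall",
    ("UDP", 161): "SNMP: disable the service or change the community name",
}

# Constructed sample of `netstat -an` output from a Windows host.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1045        192.0.2.20:445         ESTABLISHED
  UDP    0.0.0.0:161            *:*
  UDP    192.0.2.10:137         *:*
"""

LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def exposed_services(netstat_text):
    """Return sorted (proto, port, bind_addr, advice) for watched listeners."""
    findings = set()
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # headers and blank lines
        proto, addr, port, _foreign, state = m.groups()
        # TCP must be LISTENING (skips outbound sessions); UDP has no state.
        if proto == "TCP" and state != "LISTENING":
            continue
        key = (proto, int(port))
        if key in WATCHED:
            findings.add((proto, int(port), addr, WATCHED[key]))
    return sorted(findings)

if __name__ == "__main__":
    for proto, port, addr, advice in exposed_services(SAMPLE_NETSTAT):
        print(f"{proto}/{port} on {addr}: {advice}")
```

An empty result after hardening means none of the watched services is listening locally; it does not replace testing the border filter from outside.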