1. 

2.  User groups o Cisco, SQL, Virtualization  Conferences o GrrCON, SQL Saturday  Hands-On o Capture the Flag o Forensics  RSS  Exploit-DB updates  SecurityFocus Vuln..  Content on Security Street  Twitter  @markrussinovich  @Wh1t3Rabbit  @EggDropX  @msftsecurity

3.  Network communication vital Proxies Corporate/Windows Firewalls

4. Problem: Hackers don’t care about Authorization

5.  BackTrack (bt) Bootable, vm, phone o Zenmap o Metasploit framework 927+ exploits 251+ payloads Meterpreter o Social Engineering Toolkit o Netdiscover o Fasttrack & autopwn

6.  Kali Linux Bootable, vm, phone o Metasploit framework 927+ exploits 251+ payloads Meterpreter o Social Engineering Toolkit o Netdiscover o BBQSQL (sql injection) o AND MORE!

7.  Interesting Commands o Getuid o GetSystem o Ps o kill o Migrate o Shell o Hashdump o Webcam_snap o clearev

9.  If you are not patching, no reason for pen testing  Don’t forget 3 rd party utilities  Peer review servers  cleanup

10.  Blank or weak ‘sa’ password  Default 3 rd party passwords  Accidental administrators(Dev)  Over privileged services(System)  Extra un-used services(Writer)  Extra un-used protocols (SQL Auth)

11.  Reversing patches is common practice o Midi file buffer overflow exploited in wild 16 days after the patch  Common msf exploits used MSYY- naming convention  CVE – common vulnerabilities and exposures  Know unsupported dates

12.  Layers that still work o Firewalls o Strong Passwords o Antivirus o Patches o Group Policy o Log Monitoring o Least privilege o Audits and Testing  DR o Did someone say zombies?

13.  Don’t be a disabler for business.

20.  Other hacks? o ‘ OR 1=1; -- Create table, insert web.config o Browser based attacks o The next MS08_067  Review whiteboarding