Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

1 Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA 5880 - © Abdou Illia

2 Objectives
- Describe the tools available to assess Microsoft system vulnerabilities
- Describe the vulnerabilities of Microsoft operating systems
- Describe the vulnerabilities of services running on Microsoft operating systems
- Explain techniques to harden Microsoft systems against common vulnerabilities
- Describe best practices for securing Microsoft systems

3 Microsoft tools
- The OS developer’s own tools may be the most effective for assessing vulnerabilities
- The developer has an interest in providing tools that improve its system’s security
- Microsoft offers the following vulnerability assessment and fixing tools:
  - Microsoft Baseline Security Analyzer (MBSA)
  - Winfingerprint
  - HFNetChk

4 MBSA
- Effective tool that checks for
  - Patches for major Microsoft products
  - Security updates for major Microsoft products
  - Configuration errors
  - Blank or weak passwords
  - Others
- MBSA supports remote scanning
  - Associated product must be installed on scanned computer

7 Using MBSA
- System must meet minimum requirements before installing MBSA on a computer
- After installing, MBSA can
  - Scan itself
  - Scan other computers remotely
  - Be scanned remotely

9 HFNetChk
- HFNetChk is part of MBSA
  - Available separately from Shavlik Technologies
- Versions
  - Advanced command line
  - GUI
- Scanning types
  - MBSA-style scan
  - HFNetChk-style scan
- You must be an administrator on the scanned machine to run the scan

10 Winfingerprint
- Administrative tool
- It can be used to scan network resources
- Exploits Windows null sessions
- Detects
  - NetBIOS shares
  - Disk information and services
  - Null sessions

11 Winfingerprint (continued)
- Its capabilities also include
  - ICMP and DNS resolution
  - OS detection
  - Service packs and hotfixes
- Running modes
  - Passive
  - Interactive
- Can be run on a single machine or the entire network
  - You can also specify IP addresses or ranges

14 Microsoft OS Vulnerabilities
- Microsoft integrates many of its products into a single package
  - Good software engineering practice
  - Creates a single point of failure
- Security testers should search for vulnerabilities on
  - The OS they are testing
  - Any application running on the target computer
- Good information sources
  - Common Vulnerabilities and Exposures (CVE) site
  - Vendor Web site

16 Remote Procedure Call (RPC)
- RPC is an interprocess communication mechanism
  - Allows a program running on one host to run code on a remote host
- Examples of worms that exploited RPC
  - MSBlast (LovSAN, Blaster)
  - Nachi
- Use MBSA to detect if a computer is vulnerable to an RPC-related issue

17 Server Message Block (SMB)
- Used by Windows 95, 98 and NT to share files
- Usually runs on top of NetBIOS, NetBEUI or TCP/IP
- Hacking tools
  - L0phtcrack’s SMB Packet Capture utility
  - SMBRelay

18 Closing SMB Ports
- Best way to protect a network from SMB attacks
- Routers and firewalls should filter out ports
  - 137 to 139
  - 445

19 Common Internet File System (CIFS)
- CIFS replaced SMB for Windows 2000, XP, and Windows 2003 Server
  - SMB is still used for backward compatibility
- Remote file system protocol
  - Enables computers to share network resources over the Internet
- Relies on other protocols to handle service announcements

20 Understanding Samba
- Open-source implementation of CIFS
  - Created in 1992
- Samba allows sharing resources over multiple OSs
- Samba accessing Microsoft shares can make a network susceptible to attack
- Samba is used to “trick” Microsoft services into believing the *NIX resources are Microsoft resources

21 Understanding Samba (continued)
- Enable sharing resources
  - Configure the Smb.conf file to include any shared files or printers
  - Run Testparm to identify any syntax errors in the Smb.conf file
- User is prompted for a user name and password
- Other files and commands
  - Smbpasswd file
  - Smbuser command

22 Vulnerabilities in Microsoft Services
- Internet Information Services (IIS)
- SQL Server

23 Web Services
- IIS 6.0 installs with a “secure by default” posture
  - Previous versions left crucial security holes
- Configure only services that are needed
- Windows 2000 ships with IIS installed by default
- Running MBSA can detect IIS running on your network

24 SQL Server
- SQL vulnerability exploit areas
  - The SA* account with a blank password
  - SQL Server Agent
  - Buffer overflow
  - Default SQL port 1433
- Vulnerabilities related to SQL Server 7.0 and SQL Server 2000

* Server Administrator

25 The SA Account
- SQL Server 6.5 and 7 installations do not require setting a password for this account
- SQL Server 2000 supports mixed-mode authentication
  - SA account is created with a blank password
  - SA account cannot be disabled

26 SQL Server Agent
- Service mainly responsible for
  - Replication
  - Running scheduled jobs
  - Restarting the SQL service
- Authorized but unprivileged user can create scheduled jobs to be run by the agent

27 Default SQL Port 1433
- SQL Server is a Winsock application
  - Communicates over TCP/IP using port 1433
- Spida worm
  - Scans for systems listening on TCP port 1433
  - Once connected, attempts to use xp_cmdshell
  - Enables and sets a password for the Guest account
- Changing default port is not an easy task
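
The port-filtering advice on slide 18 and the default SQL Server port listed on slide 24 (TCP 1433) can be checked from the host side. The Python sketch below is an added example, not part of the original presentation: it reads Windows `netstat -an` output and reports which of those ports accept traffic on a non-loopback address. The sample lines (addresses included) are constructed, and the names `WATCHED` and `exposed_services` are illustrative.

```python
import re

# Ports named on the slides: NetBIOS/SMB 137-139 and 445, SQL Server default 1433.
WATCHED = {137: "NetBIOS name service", 138: "NetBIOS datagram",
           139: "NetBIOS session (SMB)", 445: "SMB over TCP", 1433: "SQL Server"}
LOOPBACK = ("127.", "[::1]")

# Constructed sample in the layout printed by Windows `netstat -an`.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1433         0.0.0.0:0              LISTENING
  TCP    192.168.10.5:139       0.0.0.0:0              LISTENING
  TCP    192.168.10.5:49712     192.168.10.9:445       ESTABLISHED
  TCP    [::]:1433              [::]:0                 LISTENING
  UDP    192.168.10.5:137       *:*
  UDP    192.168.10.5:138       *:*
"""

LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def exposed_services(netstat_text):
    """Return sorted (proto, local_addr, port, service) for watched ports
    that accept traffic on a non-loopback address."""
    findings = set()
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header or unrelated line
        proto, addr, port, _foreign, state = m.groups()
        port = int(port)
        if port not in WATCHED:
            continue
        # TCP rows carry a state; only LISTENING sockets accept connections.
        # UDP rows have no state column and are always bound.
        if proto == "TCP" and state != "LISTENING":
            continue
        if addr.startswith(LOOPBACK):
            continue  # reachable only from the host itself
        findings.add((proto, addr, port, WATCHED[port]))
    return sorted(findings, key=lambda f: (f[2], f[0], f[1]))

if __name__ == "__main__":
    for proto, addr, port, svc in exposed_services(SAMPLE):
        print(f"{proto} {addr}:{port}  {svc}: filter at the router/firewall")
```

A host-side listing only shows what is bound locally; whether the router or firewall actually drops traffic to these ports still has to be confirmed from outside the filtered segment.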

