Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kennesaw State University

Published by奥 郭 Modified over 6 years ago

Similar presentations

Presentation on theme: "Kennesaw State University"— Presentation transcript:

1 Kennesaw State University
How To Hack Windows Brent Williams MCSE, CNE, A+, N+, XP-MCP Kennesaw State University (Atlanta, Georgia)

2 Agenda Why Talk About Hacking? Hacking Scenarios
Utilities, Techniques, and Ideas Preventive Methods New Threats

3 Hackers Know… They Look for Targets of Opportunity
Most System Administrators are Self-Taught Most Don’t Know of Basic Security Issues in Windows Many Systems are Left Vulnerable

4 Think Like a Hacker (or script-kiddie, if you prefer!)

5 Hacking Steps Casing the Establishment
Public Sources Social Engineering Network Hacking (Attack a Server) Information Retrieval System Damage System Hacking (Attack a PC)

6 NETWORK ATTACK

7 Footprinting: Target Acquisition
Visit Their Web Site Open Source Search – People ( ) Sam Spade Nslookup Tracert Visual Route

8

9

10

11

12

13 Scanning Ping sweeps Look for Ping Ultrascan Superscan
WS_Ping (Ipswitch) Look for Port 80 Port 139 and 445 Port 21

14

15 Protect and Check Firewall Software Shields Up? www.zonealarm.com
Shields Up?

16 Decide How to “Break in”
Use a Web Browser and Exploit a Weakness Buffer overflow (plant Netcat) Unchecked Data Attach Use a Null Connection Net Use \\ip\ipc$ “” /u:”” Look for Shares \\ip address or \\server name

17 Example: Windows Enumeration (What You Want)
Identify Valid User Accounts Identify Group Membership Find Poorly Protected Shares Tools… Winfingerprint Superscan Dumpsec

18 Example: Windows Enumeration (Windows Can be Vary Easy!)
Get the User IDs, Groups, etc. DumpACL – - Wow! LDAP query – Dump Accounts and Groups on a 2000 Server Tool is on the Windows 2000 Server CD!

19

20 Example: Get a Password
Brute Force Attack More Elegant Tools L0PHTCRACK LC3/LC4

21 Easy Hacks Shares Most users don’t know how to use NTFS
Default permission in NT/2000 is EVERYONE has FULL CONTROL Changed in XP to EVERYONE has READ

22 Protecting Windows Servers
Get and Run the MS Baseline Security Analyzer Use Policies Latest Service Packs and patches Weekly or automatic Firewall Software Learn how to use NTFS permissions

23 Wireless Hacking Wireless LANs are everywhere
Business, Schools, Homes By Default, they are Open! Easy to Find – Netstumbler Warchalking Protection is limited WEP: Wired Equivalent Privacy – can be hacked - airsnort New Protection Methods 802.1x

24 WORKSTATION ATTACK

25 Basic Windows 95/98 PWL file Document Passwords Keystroke Logging
Your Admin Password is All-Over-the-Place! Easily copied to a floppy Document Passwords Keystroke Logging

26 Workstation Attack Prevention
Firewall – especially on cable or DSL Limit Shares - Use Passwords Make Document Passwords LONG Be aware of PWL files

27 Windows XP Professional Attacks
More secure out of the box Use Policies Know how to use NTFS Limit Shares Don’t turn on IIS Use the built in firewall (or other)

28 SpyWare New threat Visit to Web Site Installs SpyWare
Used to Mine Personal Info Destabilizes PC Get SpyBot

29 Vendors and Politicians Fail Us
Why do and Web Clients allow software to install (without a prompt)? Why not put network access in a “sandbox”? Why are web sites allowed present misleading “User Agreements” What will we do about HTML?

30 Web Sites for Tools www.2600.com www.hackersclub.net

31 Summary Get Some Training! Hacking Tools are
Plentiful Simple to Use Evolving You Must Expect Attacks on All Systems Do the Basics – That Stops 99% of Attacks!

32 This Presentation Available
Visit See Our Course Schedule at

33 Add N-stealth Pest Patrol Nessus Retina Check Web Sites
Check Edtech2000 server Install LC3/LC4 on laptop Keystroke Logger detection

Download ppt "Kennesaw State University"

Similar presentations

Module XIV SQL Injection

Module XIV SQL Injection
Grass Valley Learning Center www.GVLearningCenter.com Surf the Net Safely Roger Thornburn.

Grass Valley Learning Center Surf the Net Safely Roger Thornburn.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.

Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.

Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
1 Configuring Linksys Wireless Router Prof. Valencia Community College.

1 Configuring Linksys Wireless Router Prof. Valencia Community College.
GET CONTROL! Avoid The Headache… Five Simple Steps to a Safer Computer – NUIT Tech Talk.

GET CONTROL! Avoid The Headache… Five Simple Steps to a Safer Computer – NUIT Tech Talk.
Technical Training: DIR-615

Technical Training: DIR-615
Securing a Wireless Network

Securing a Wireless Network
Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.

Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
Hacking Windows 2K, XP. Windows 2K, XP Review: NetBIOS name resolution. SMB - Shared Message Block - uses TCP port 139, and NBT - NetBIOS over TCP/IP.

Hacking Windows 2K, XP. Windows 2K, XP Review: NetBIOS name resolution. SMB - Shared Message Block - uses TCP port 139, and NBT - NetBIOS over TCP/IP.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Laptops, Notebooks, & Tablets, Oh My! Kathleen Hamby M.S. CBPA Governors State University.

Laptops, Notebooks, & Tablets, Oh My! Kathleen Hamby M.S. CBPA Governors State University.

Similar presentations

Ads by Google