TCOM 59901 Information Assurance Management System Hacking.


1 TCOM 59901 Information Assurance Management System Hacking

2 Hacking Windows 95/98
Win 9x was not designed to be secure…like NT was…well
4 categories of remote exploitation
– Direct connect to shared resource
– Backdoor server daemons
– Exploit known server application vulnerabilities
– Denial of service

3 Hacking Windows 95/98
Note that three of these require some misconfiguration or poor judgement on the part of the sysadmin or user
Can be easily fixed...

4 Hacking Windows NT
The Administrator
Can’t go anywhere if you’re not…
Passwords…Manual guessing
– Easiest password possible…no password!
– Something easy
– Popular software default passwords

5 Hacking Windows NT
Automated guessing
– Legion...
– Can scan multiple class C IP ranges for Windows shares and has a manual dictionary attack tool.
– NAT NetBIOS Auditing Tool does one at a time

6 Hacking Windows NT
– Network password exchange
– L0phtcrack - password files
SMB Packet Capture bypasses that need - grabs them on the fly by listening to local network segment
Password Countermeasures?

7 What to Do?
Block access to TCP and UDP ports 135-139
Enable TCP/IP security
Set Restrict Anonymous key in Registry

8 What to Do?
Remove Everyone from the Access This Computer in user rights
Apply the Service Packs and hotfixes

9 What to Do?
Strong Passwords! And enforce it!
Rename the Administrator account…time, time, time
Disable Guest

10 What to Do?
Admin passwords must be the strongest…and change them regularly
No Domain Admin credentials on stand-alone machines

11 What to Do?
Install passprop from NTRK to enable account lockout for Administrators
Install SYSKEY enhanced encryption for the SAM…time, time, time

12 What to Do?
Enable auditing…then check the logs! Weekly or use automated log analysis tools
Verify Registry access permissions are secure

13 What to Do?
Set the Hidden Registry value on sensitive servers…removes the host from browse lists
Don’t run unnecessary services and avoid those that run in the security context of a user

14 What to Do?
Understand how to configure applications securely or don’t run them!
Educate your users on sensitivity of passwords

15 What to Do?
Migrate to switched architectures…harder to eavesdrop than shared infrastructures
Keep current with security mailing lists
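
Slide 12's "automated log analysis", applied to the password guessing of slides 4 and 5, as an added example that is not part of the original presentation. It assumes the NT Security log has been exported as chronological CSV rows (time, event ID, account, source workstation); the sample rows, the function name find_guessing, and the threshold and window are constructed for illustration.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED_LOGON = 529  # NT Security log: logon failure, unknown user name or bad password
GOOD_LOGON = 528    # NT Security log: successful logon

# Constructed sample export (assumed columns: time, event ID, account, source).
SAMPLE_LOG = """\
2001-03-05 01:00:00,529,backup,SRV-02
2001-03-05 02:14:01,529,Administrator,WKS-17
2001-03-05 02:14:03,529,Administrator,WKS-17
2001-03-05 02:14:05,529,Administrator,WKS-17
2001-03-05 02:14:07,529,Administrator,WKS-17
2001-03-05 02:14:09,529,Administrator,WKS-17
2001-03-05 02:14:11,529,Administrator,WKS-17
2001-03-05 02:14:15,528,Administrator,WKS-17
2001-03-05 03:00:00,529,backup,SRV-02
2001-03-05 08:59:30,529,jsmith,WKS-04
2001-03-05 09:00:10,529,jsmith,WKS-04
2001-03-05 09:01:00,528,jsmith,WKS-04
"""

def find_guessing(log_text, threshold=5, window=timedelta(minutes=10)):
    """Flag account/source pairs with >= threshold failed logons inside the window."""
    recent = defaultdict(deque)  # (account, source) -> failure times still in window
    alerts = {}                  # (account, source) -> alert record
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed rows
        when = datetime.strptime(row[0], "%Y-%m-%d %H:%M:%S")
        event_id, key = int(row[1]), (row[2].lower(), row[3].upper())
        if event_id == FAILED_LOGON:
            times = recent[key]
            times.append(when)
            while when - times[0] > window:  # drop failures older than the window
                times.popleft()
            if len(times) >= threshold:
                alert = alerts.setdefault(key, {"account": row[2], "source": row[3],
                                                "failures": 0, "success_after": False})
                alert["failures"] = max(alert["failures"], len(times))
        elif event_id == GOOD_LOGON and key in alerts:
            # A success right after a burst may mean the password was guessed.
            if when - recent[key][-1] <= window:
                alerts[key]["success_after"] = True
    return list(alerts.values())

if __name__ == "__main__":
    for alert in find_guessing(SAMPLE_LOG):
        print(alert)
```

With the default threshold, only the Administrator burst is flagged; the two jsmith mistypes and the hourly backup failures stay below it.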

