Hacker Techniques for Efficient IT Administration


Uploaded 4 Nov 2013


Paula Januszkiewicz
IT Security Auditor, MVP, MCT
ISCG

Session Code: SIA308

Agenda

1. Hacker role in IT development
2. Hacker techniques and demos
3. Things you should remember, and summary

Hacker Role in IT Development
Check who you are talkin’ to
Offline access
Hotfix analysis
Windows Debugger
Encryption + protection
At least a scripting language...
Test your users
Have your own toolkit
Keep your knowledge up to date
Summary

Hacker role in IT development

Keep the IT security world running
Encourage us to be up to date
Test the newest technology

What is the difference between techniques and habits?

At first…


Check who you are talkin’ to

My DNS is ...
My mail server is ...
I am the administrator, my name is ...

    nslookup
    > set type=all
    > victim.com

Check who you are talkin’ to

http://ripe.net

Check yourself, they do fingerprinting

Nmap printout:

    Interesting ports on 172.18.10.11:
    Not shown: 1694 closed ports
    PORT     STATE SERVICE
    21/tcp   open  war-ftpd
    25/tcp   open  smtp
    42/tcp   open  nameserver
    53/tcp   open  domain
    80/tcp   open  http
    88/tcp   open  kerberos-sec
    119/tcp  open  nntp
    135/tcp  open  msrpc
    139/tcp  open  netbios-ssn
    389/tcp  open  ldap
    445/tcp  open  microsoft-ds
    (…)
    3389/tcp open  ms-term-serv
    Device type: general purpose
    Running (JUST GUESSING): Microsoft Windows 2003 (94%)

Internet Printing

What can you find about yourself?

Then
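The "check yourself" step above ends with a raw Nmap printout; the useful part for an administrator is the difference between what the scan shows and what the host is supposed to expose. The following PowerShell 2.0-compatible script is an added example, not code from the session: it parses the printout from the slide (embedded here as constructed sample input) and reports every open port that is not in an assumed baseline of intended services, plus the OS fingerprint the scanner obtained.

```powershell
# Added example, not from the session: compare your own Nmap printout with the
# services the host is meant to expose and report everything else.
# $nmapOutput is the slide's printout used as constructed sample input;
# $expectedPorts is an assumed baseline for the network the scan was run from.

$nmapOutput = @'
Interesting ports on 172.18.10.11:
Not shown: 1694 closed ports
PORT     STATE SERVICE
21/tcp   open  war-ftpd
25/tcp   open  smtp
42/tcp   open  nameserver
53/tcp   open  domain
80/tcp   open  http
88/tcp   open  kerberos-sec
119/tcp  open  nntp
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
389/tcp  open  ldap
445/tcp  open  microsoft-ds
3389/tcp open  ms-term-serv
Device type: general purpose
Running (JUST GUESSING): Microsoft Windows 2003 (94%)
'@

$expectedPorts = @(25, 53, 80)   # assumption: mail, DNS and web are meant to be reachable

function Get-OpenPorts {
    param([string]$Text)
    foreach ($line in ($Text -split "`r?`n")) {
        # One port per line, e.g. "445/tcp   open  microsoft-ds"
        if ($line -match '^(?<port>\d+)/(?<proto>tcp|udp)\s+(?<state>\S+)\s+(?<service>\S+)') {
            if ($matches['state'] -eq 'open') {
                New-Object PSObject -Property @{
                    Port    = [int]$matches['port']
                    Proto   = $matches['proto']
                    Service = $matches['service']
                }
            }
        }
    }
}

$open       = @(Get-OpenPorts -Text $nmapOutput)
$unexpected = @($open | Where-Object { $expectedPorts -notcontains $_.Port })

"Open ports: {0}; outside the baseline: {1}" -f $open.Count, $unexpected.Count
$unexpected | Sort-Object Port | Format-Table Port, Proto, Service -AutoSize

# The OS guess matters as much as the port list: whatever the scanner learned,
# anyone on that network segment can learn the same way.
if ($nmapOutput -match '(?m)^Running[^:]*:\s*(?<os>.+)$') {
    "OS fingerprint exposed: " + $matches['os'].Trim()
}
```

Run against the sample, the script lists nine ports outside the baseline (FTP, WINS, Kerberos, NNTP, RPC, NetBIOS, LDAP, SMB and RDP) and the Windows 2003 guess. Replace the here-string with `nmap -sS -O <your host>` output saved from a scan of your own perimeter, and adjust `$expectedPorts` per host role; the point is to see what an outsider sees before they do.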



Offline access

Bypasses the operating system’s security mechanisms:
Access Control Lists (ACL)
Watchdogs
Open files
SAM database - allows password reset

Easy to use by each user
Difficult to use by externals

Offline access

Access to the damaged system
File recovery
Password recovery
Full disk problems
Offline access: how to recover from the system crash


Hotfix analysis

Why are hotfixes released?

Hacker’s usage:
Change analysis
Vulnerability / improper system setting area
Limited time

Administrator’s usage:
What will be changed if I install it?
Do I really need this?

Hotfix analysis: what is inside?
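The administrator's question "what will be changed if I install it?" can be answered before installation by extracting the package and comparing its files with the live copies. The script below is an added example, not from the session: it is PowerShell 2.0-compatible (so it uses .NET SHA-256 rather than the later `Get-FileHash`), hashes every file in an extracted package directory, and reports which files are new, which replace an existing binary and which are identical. The directory names are assumptions, and matching package files to System32 by file name alone is a simplification; packages that ship files for several folders need the target path mapped per file.

```powershell
# Added example, not from the session: change analysis of an extracted hotfix.
# Paths are assumptions; extract the package first, e.g.
#   expand.exe -F:* update.cab C:\hotfix\extracted
$packageDir = 'C:\hotfix\extracted'
$systemDir  = "$env:SystemRoot\System32"   # assumption: package targets System32

function Get-FileSha256 {
    param([string]$Path)
    # .NET hashing keeps this usable on PowerShell 2.0, which has no Get-FileHash
    $sha    = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        ($sha.ComputeHash($stream) | ForEach-Object { $_.ToString('x2') }) -join ''
    } finally {
        $stream.Close()
    }
}

function Compare-HotfixFiles {
    param([string]$Package, [string]$System)
    Get-ChildItem -Path $Package -Recurse |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            $live    = Join-Path $System $_.Name
            $status  = 'New'          # no file of that name on the live system
            $liveVer = ''
            if (Test-Path $live) {
                $liveVer = (Get-Item $live).VersionInfo.FileVersion
                if ((Get-FileSha256 $live) -eq (Get-FileSha256 $_.FullName)) {
                    $status = 'Identical'
                } else {
                    $status = 'Replaced' # installing the hotfix would overwrite this binary
                }
            }
            New-Object PSObject -Property @{
                File       = $_.Name
                Status     = $status
                LiveVer    = $liveVer
                PackageVer = $_.VersionInfo.FileVersion
            }
        }
}

Compare-HotfixFiles -Package $packageDir -System $systemDir |
    Where-Object { $_.Status -ne 'Identical' } |
    Sort-Object Status, File |
    Format-Table File, Status, LiveVer, PackageVer -AutoSize
```

The `Replaced` rows with their two version strings are the list to read the hotfix's knowledge base article against: every binary it touches is a component whose behaviour changes, and a file the article does not mention is worth a question before the update reaches production.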


Use a debugger

Various choices:
SoftICE
WinDbg
DEBUG
IDA Pro

One idea: to look through the code and data structures
Administrators: crash dump analysis
Process Explorer

Windows Debugger, Process Explorer: crash dump analysis, system deep-dive


Why Data Protection Matters

“More than 100 USB memory sticks, some containing secret information, have been lost or stolen from the Ministry of Defense since 2004, it has emerged.”
BBC News, July 2008

“Some of the largest and medium-sized U.S. airports report close to 637,000 laptops lost each year, according to the Ponemon Institute survey released Monday”
PC World, June 2008

Use data encryption

Different levels of encryption:
File format level
Active Directory Rights Management Services
3rd party tools for single files / folders
System level
Volume level, hardware based

Can be used together
Prevents offline attacks
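The offline-access slides and this one are two sides of the same point: a volume that is not encrypted hands its files, ACLs and SAM hive to anyone who boots the machine from other media, and volume-level encryption is what closes that path. The PowerShell 2.0-compatible function below is an added example, not from the session; it lists the fixed disks of the local machine and, using the BitLocker WMI provider (`Win32_EncryptableVolume` in `root\CIMV2\Security\MicrosoftVolumeEncryption`), reports which of them are actually protected. The status wording is this example's own.

```powershell
# Added example, not from the session: which fixed volumes are still open to an
# offline boot? Requires an elevated session; on editions without BitLocker the
# provider namespace is absent and every drive is reported accordingly.
function Get-OfflineExposure {
    $meaning = @{ 0 = 'Unprotected'; 1 = 'Protected'; 2 = 'Unknown' }   # ProtectionStatus values

    # DriveType 3 = local fixed disk (removable media and network drives are skipped)
    $fixed = Get-WmiObject -Class Win32_LogicalDisk -Filter 'DriveType = 3'

    # Map drive letter -> BitLocker protection status, if the provider exists
    $bde = @{}
    $volumes = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftVolumeEncryption' `
                             -Class Win32_EncryptableVolume -ErrorAction SilentlyContinue
    foreach ($v in $volumes) {
        if ($v.DriveLetter) { $bde[$v.DriveLetter] = [int]$v.ProtectionStatus }
    }

    foreach ($d in $fixed) {
        $status = 'No BitLocker provider'
        if ($bde.ContainsKey($d.DeviceID)) { $status = $meaning[$bde[$d.DeviceID]] }
        New-Object PSObject -Property @{
            Drive       = $d.DeviceID
            SystemDrive = ($d.DeviceID -eq $env:SystemDrive)   # holds the SAM hive
            Protection  = $status
            SizeGB      = [math]::Round($d.Size / 1GB, 1)
        }
    }
}

Get-OfflineExposure | Format-Table Drive, SystemDrive, Protection, SizeGB -AutoSize
```

Any row showing the system drive as `Unprotected` (or `No BitLocker provider`) is a machine on which the "offline access" demo works as shown; the file-level and RMS layers above do not change that, which is why the slide says the levels are meant to be used together.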

Use transmission encryption

Different levels of encryption:
Application / format based
Secure Sockets Layer
IPSec / tunneling (PPTP, L2TP)
Physical encryption

Makes data disclosure and manipulation harder


Know at least one scripting language

Hackers love scripts:
Perl
Python

You should love PowerShell 2.0:
Server role management modules
Server management
Remoting
Microsoft Common Criteria

Windows PowerShell: account enumeration, service accounts, service location

Test your users

Play a social engineer role

Monitor them…

…and show you do it

Break users’ passwords

Train them well



Have your own toolkit

Internet browser is sometimes enough
CMD and built-in system tools
Specialist tools
Your own scripts
Social engineering skills
PowerShell 2.0


Keep your knowledge up to date

IT resources

Mailing Lists

Blogs / RSS

Webcasts

Know the legal regulations in your country

Security bulletins

Microsoft

SANS

ISS

Other



Summary

Hackers are evil but usually very smart; we can learn a lot
Human nature, not technology, is the key to defense against penetration attempts
Hackers succeed because they learn faster than administrators

...and test all demos at home!



Whenever you want… or meet me in the ATE booth!

paula.januszkiewicz@gmail.com

Complete an evaluation on CommNet and enter to win an Xbox 360 Elite!

Track Resources

http://technet.microsoft.com/pl-pl/sysinternals/default(en-us).aspx
http://blogs.technet.com/markrussinovich/
http://www.governmentsecurity.org
http://www.microsoft.com/windows/enterprise/products/windows-7/features.aspx

Resources

www.microsoft.com/teched - Sessions On-Demand & Community
http://microsoft.com/technet - Resources for IT Professionals
http://microsoft.com/msdn - Resources for Developers
www.microsoft.com/learning - Microsoft Certification & Training Resources

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.