ITCamp 2012 - Paula Januszkiewicz - Stronghold to Strengthen
itcampro @ itcamp12 # Premium conference on Microsoft technologies
Private & Public Cloud
ITCamp 2012 sponsors
Agenda
1. Introduction
2. Hardening Techniques
3. Infrastructure Techniques
4. Summary
Hacker Role in IT Development
• Hackers keep the IT security world running
• Hackers encourage us to be up to date
• Hackers test the newest technology
What is the security trend?
Security Intelligence Report
http://www.microsoft.com/security/sir/
External Views
Demo
Test Your Users
• Play a social engineer role
• Monitor them…
• …and show you do it
• Break users’ passwords
• Train them well
Demo
Know At Least One Scripting Language
• Hackers love scripts
– Perl
– Python
• You should love PowerShell 2.0
– Server Role management modules
– Server management
– Remoting
– Microsoft Common Criteria
Demo
Incorrect Access Control Lists
Demo
WYSI (NOT) WYG
Demo
Use Debugger
• Variable choices:
– SoftICE
– WinDbg
– DEBUG
– IDA Pro
• One idea:
– To look through the code and data structures
• Administrators: Crash dump analysis
• Process Explorer
Demo
Network Monitoring
• Watch for protocol anomalies
– Data can leak through the data field
– Watch for protocols used not only for data transfers
• Monitor the traffic
– Unfortunately some traffic may happen only once a month
Demo
Agenda
1. Hacker role in IT development
2. Hacker Techniques and Demos
3. Things you should remember and summary
Demo
Lack of General Revisions
Lack of Training
Keep Your Knowledge Up To Date
• Know the legal regulations in your country
• IT resources
– Mailing Lists
– Blogs / RSS
– Webcasts
• Security bulletins
– Microsoft
– SANS
– ISS
Have Your Own Toolkit
• Internet Browser is sometimes enough
• CMD and built-in system tools
• Specialist tools
• Your own scripts
• Social engineering skills
• PowerShell 2.0/3.0