SecurityTubeBeta Watch ... Learn ... Contribute |
 |
 |
  |
|
SecurityTube
Questions - a Q&A section for Infosec and Hacking launched!!!
|
How We Break Into Domains (HAR 2009)
This talk titled "How we Break into Domains: What every admin should know about Windows security" was given by Niels at Hacking at Random (HAR) 2009.
Talk Abstract: It's a cliché that most networks are hard on the outside and soft and chewy on the inside, but it's true. Securing networks is hard and it shows: most domains are easy to break into. I'll describe the weaknesses in networks we abuse to gain access to most, if not all, systems on a LAN. We'll go over some of the basics, such as problems with patching and passwords, but also some more advanced recent developments, such as hijacking Windows access tokens. I will describe how state of the art techniques can be combined to take over a domain, and how to protect your domain and your company.
Speaker Bio: Niels holds a bachelor degree in Computer Science and has been experimenting with IT security for over a decade. He has worked for Fox-IT since 2005; first as a software engineer and since 2007 as a penetration tester. He has since performed dozens of penetration tests for all sorts of companies, including governments, banks and nuclear installations. When he can find the time, Niels likes to travel to Ireland or Russia. He has a personal technical blog on blog.teusink.net.
Special thanks go out to @agentgambell for helping us with the video upload.
Talk Abstract: It's a cliché that most networks are hard on the outside and soft and chewy on the inside, but it's true. Securing networks is hard and it shows: most domains are easy to break into. I'll describe the weaknesses in networks we abuse to gain access to most, if not all, systems on a LAN. We'll go over some of the basics, such as problems with patching and passwords, but also some more advanced recent developments, such as hijacking Windows access tokens. I will describe how state of the art techniques can be combined to take over a domain, and how to protect your domain and your company.
Speaker Bio: Niels holds a bachelor degree in Computer Science and has been experimenting with IT security for over a decade. He has worked for Fox-IT since 2005; first as a software engineer and since 2007 as a penetration tester. He has since performed dozens of penetration tests for all sorts of companies, including governments, banks and nuclear installations. When he can find the time, Niels likes to travel to Ireland or Russia. He has a personal technical blog on blog.teusink.net.
Special thanks go out to @agentgambell for helping us with the video upload.
SecurityTube
Questions - a Q&A section for Infosec and Hacking launched!!!
|
Related Videos from: Presentations from Hacking at Random (HAR) 2009
.jpg) | .jpg) | .jpg) |  |  | |
You are Viewing this Video Now! | |||||
2511 views | 2684 views | 1956 views | 2082 views | 947 views |
Author
Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the co-founder of Axonize. Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net
©2007 Freak Labs |