Anatomy of a Network Hack: How To Get Your Network Hacked in Ten Easy Steps!
Jesper M. Johansson, Enterprise Security Architect, Security Business & Technology Unit, jesperjo @ microsoft.com
This Presentation…
… is about operational security
The easy way is not always the secure way
Networks are usually designed in particular ways
In many cases, these practices simplify attacks
In some cases these practices enable attacks
You need to know the methods of your adversary to stop them
This Presentation is Not…
… a hacking tutorial
Hacking networks you own can be enlightening
Hacking networks you do not own is illegal!
… a demonstration of Windows vulnerabilities
Everything we show stems from operational security or custom applications
Knowing how the platform operates is critical
All platforms can get hacked
… for the faint of heart
The Tools
Four categories of tools used
“Co-opted” ordinary components
Windows Resource Kit tools
Commonly available hacking/administration tools
Custom-written tools
The difference between hackers and script kiddies is that hackers write their own tools
By the Way…
I will not give you my tools. It does not matter what you do for a living or who you work for
If you do not ask, I don’t have to say no
The Target
[Network diagram of the target: Bad Guy on the Internet, Filtering Router, RRAS Basic Firewall, Web Server, Data Center DC, SQL Server, Corp DC 10.1.2.17; other addresses shown on the diagram: 192.168.2.30, 172.17.0.1, 172.17.0.3, 10.1.2.16, 172.17.0.2]
Knocking Down The Side Door
// Three mistakes in this statement alone:
SqlConnection conn = new SqlConnection();
conn.ConnectionString =
6. Allow all outbound traffic
7. Don’t harden servers
8. Reuse your passwords
9. Use high-level service accounts, in multiple places
10. Assume everything is OK
10 Things Attackers Don’t Want You To Do
1. Ensure everything is fully patched
2. Use properly hardened applications
3. Use least privilege
4. Open only necessary holes in firewalls
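The "Knocking Down The Side Door" slide shows only the first two lines of its SqlConnection snippet, so the connection string the speaker criticised is not preserved in this transcript. The following is an added example, not the deck's own code: a constructed insecure variant of that pattern, next to a hardened variant that applies "use least privilege" and avoids the shared high-level service account and reused password that the lists above warn about. The server, database, stored-procedure and configuration names are assumptions made up for the example.

```csharp
using System;
using System.Configuration;       // reference System.Configuration.dll
using System.Data;
using System.Data.SqlClient;

// Added example, not from the slide deck. The slide's own connection string is
// not preserved in the transcript; the insecure variant below is a constructed
// illustration of the pattern, and all names in it are made up.
public static class OrdersRepository
{
    // INSECURE (constructed). Three things a reviewer should flag:
    //  1. the secret is hard-coded, so it ships in every binary and in source control;
    //  2. the web tier authenticates as "sa", so any injection or compromise of
    //     the web server owns the whole SQL instance (no least privilege);
    //  3. the same credential is baked into every deployment, so it cannot be
    //     rotated without a rebuild, which is how passwords end up reused for years.
    public static SqlConnection OpenInsecure()
    {
        SqlConnection conn = new SqlConnection();
        conn.ConnectionString =
            "Server=sql01;Database=Orders;User Id=sa;Password=P@ssw0rd1";
        conn.Open();
        return conn;
    }

    // HARDENED. The string lives in web.config/app.config, where the
    // <connectionStrings> section can be encrypted in place with
    //   aspnet_regiis -pe "connectionStrings" -app "/Orders"
    // and it uses Windows integrated authentication, so there is no password to
    // leak or reuse. The process identity is a dedicated domain account that is
    // granted nothing beyond EXECUTE on the stored procedures it calls.
    //
    // Expected configuration entry (constructed):
    //   <connectionStrings>
    //     <add name="Orders"
    //          connectionString="Server=sql01;Database=Orders;Integrated Security=SSPI;Encrypt=true" />
    //   </connectionStrings>
    public static SqlConnection OpenHardened()
    {
        ConnectionStringSettings settings = ConfigurationManager.ConnectionStrings["Orders"];
        if (settings == null)
            throw new ConfigurationErrorsException("Connection string 'Orders' is missing");
        SqlConnection conn = new SqlConnection(settings.ConnectionString);
        conn.Open();
        return conn;
    }

    // Data access through a parameterised stored procedure: the low-privilege
    // login needs EXECUTE on dbo.GetOrderById and nothing else, and user input
    // never becomes part of the SQL text.
    public static string GetCustomerForOrder(int orderId)
    {
        using (SqlConnection conn = OpenHardened())
        using (SqlCommand cmd = new SqlCommand("dbo.GetOrderById", conn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@OrderId", SqlDbType.Int).Value = orderId;
            object result = cmd.ExecuteScalar();
            return result == null || result == DBNull.Value ? null : (string)result;
        }
    }
}
```

The hardened variant removes the secret from the code entirely rather than hiding it better: with integrated authentication the only thing to protect is the service account itself, which should be unique to this application (not the shared high-privilege account of item 9) and hold only the database permissions it needs (item 3).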