Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Goltsev Yuriy - Ломать - не строить!

DC7499
May 22, 2015
Research
0
47

Goltsev Yuriy - Ломать - не строить!

DEFCON Moscow 8

DC7499

May 22, 2015
Tweet

More Decks by DC7499

See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
480
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
240
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
270
Dmitry Volkov - Private messengers: without pain??
defcon
1
220
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
1
190
Sergey Belov - Another side of Bug Bounty programs
defcon
0
280
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
450
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
510
Sergey Golovanov - Indecent Response 2018
defcon
0
430

Other Decks in Research

See All in Research
研究の進め方 ランダムネスとの付き合い方について
joisino
PRO
55
19k
Large Vision Language Model (LVLM) に関する最新知見まとめ (Part 1)
onely7
20
3.2k
KDD論文読み会2024: False Positive in A/B Tests
ryotoitoi
0
200
第 2 部 11 章「大規模言語モデルの研究開発から実運用に向けて」に向けて / MLOps Book Chapter 11
upura
0
380
Global Evidence Summit (GES) 参加報告
daimoriwaki
0
150
Matching 2D Images in 3D: Metric Relative Pose from Metric Correspondences
sgk
1
320
最近のVisual Odometryと Depth Estimation
sgk
1
270
ニュースメディアにおける事前学習済みモデルの可能性と課題 / IBIS2024
upura
3
510
文化が形作る音楽推薦の消費と、その逆
kuri8ive
0
160
FOSS4G 山陰 Meetup 2024@砂丘 はじめの挨拶
wata909
1
110
「並列化時代の乱数生成」
abap34
3
820
20241115都市交通決起集会 趣旨説明・熊本事例紹介
trafficbrain
0
230

Featured

See All Featured
Code Reviewing Like a Champion
maltzj
520
39k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.3k
No one is an island. Learnings from fostering a developers community.
thoeni
19
3k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
YesSQL, Process and Tooling at Scale
rocio
169
14k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5k
Designing the Hi-DPI Web
ddemaree
280
34k
Embracing the Ebb and Flow
colly
84
4.5k
Fireside Chat
paigeccino
34
3k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k

Transcript

  1. Ломать - не строить! Юрий Гольцев @ygoltsev

  2. Intro

  3. Invest in your knowledge of practical information security

  4. Please, don’t order a penetration test until…

  5. My own TOP of security issues, related to internal networks:

    1. Weak password policy 2. Default accounts 3. Local accounts/unnecessary privileges 4. Windows architecture 5. WPAD configuration mismatch 6. Antivirus software configuration mismatch 7. No network segmentation 8. No patch management

  6. Weak password policy Description Easy to bruteforce Common Targets Directory

    Service (Active Directory/Lotus Domino/LDAP/Novell/etc) Recommendations Implement strong password policy, just follow next rules: - 8 chars (at least) -Lower, upper case -Alpha-Numeric Check for common passwords once a day (at least) - Special chars - Change every 60 days

  7. Default accounts Description Easy to bruteforce Common Targets DBs, network

    devices (routers/printers/etc) Recommendations -Disable all unused accounts -Set strong password

  8. Local accounts/unnecessary privileges Description Local administrator accounts/privileges – is bad

    Common Targets Windows hosts Recommendations -Disable accounts of local administrators on Windows hosts -Do not use GP to manage accounts of local administrators on Windows hosts

  9. Windows architecture Description You can’t prevent it, if you use

    it Common Targets Windows hosts Recommendations -Follow principle of minimal privileges -Use privileged accounts for administration tasks only -Implement two factor authentication for privileged accounts -Implement patch management

  10. WPAD configuration mismatch Description Very useful for corporate users if

    implemented, and for attacker – if not Common Targets Windows hosts Recommendations Disable WPAD (Web Proxy Auto Discovery) feature if it is not implemented

  11. Antivirus software configuration mismatch Description Antivirus software can be disable

    with local admin privileges Common Targets Windows hosts Recommendations Configure self defense feature of antivirus software

  12. No network segmentation Description No restrictions and no data filtration

    on network level Common Targets Network topology Recommendations Implement data filtration – it is better to use white lists for access

  13. No patch management Description MS08-067 still can be found during

    penetration test Common Targets Windows/Unix hosts Recommendations Implement patch management

  14. Outro