Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Goltsev Yuriy - Ломать - не строить!

Avatar for DC7499 DC7499
May 22, 2015
Research
0
50

Goltsev Yuriy - Ломать - не строить!

DEFCON Moscow 8
Avatar for DC7499

DC7499

May 22, 2015
Tweet

More Decks by DC7499

See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
Avatar for DC7499 defcon
0
530
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
Avatar for DC7499 defcon
0
260
Anton Lopanitsyn - Initial reconnaissance of web applications.
Avatar for DC7499 defcon
0
290
Dmitry Volkov - Private messengers: without pain??
Avatar for DC7499 defcon
1
230
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
Avatar for DC7499 defcon
2
210
Sergey Belov - Another side of Bug Bounty programs
Avatar for DC7499 defcon
0
300
Dmitry Sklyarov - Intel ME: Flash file system explained
Avatar for DC7499 defcon
0
510
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
Avatar for DC7499 defcon
0
580
Sergey Golovanov - Indecent Response 2018
Avatar for DC7499 defcon
0
510

Other Decks in Research

See All in Research
AIによる画像認識技術の進化 -25年の技術変遷を振り返る-
Avatar for Hironobu Fujiyoshi hf149
6
3.5k
Generative Models 2025
Avatar for Hiroshi Takahashi takahashihiroshi
21
11k
Streamlit 総合解説 ~ PythonistaのためのWebアプリ開発 ~
Avatar for MIKIO KUBO mickey_kubo
1
910
データxデジタルマップで拓く
ミラノ発・地域共創最前線
Avatar for mapconcierge mapconcierge4agu
0
170
Type Theory as a Formal Basis of Natural Language Semantics
Avatar for Daiki Matsuoka daikimatsuoka
1
220
[輪講] SigLIP 2: Multilingual Vision-Language Encoders with Improved Semantic Understanding, Localization, and Dense Features
Avatar for Naoki Kato nk35jk
2
480
ストレス計測方法の確立に向けたマルチモーダルデータの活用
Avatar for Yuriko Kikuchi yurikomium
0
590
Creation and environmental applications of 15-year daily inundation and vegetation maps for Siberia by integrating satellite and meteorological datasets
Avatar for SatAI.challenge satai
3
110
CSP: Self-Supervised Contrastive Spatial Pre-Training for Geospatial-Visual Representations
Avatar for SatAI.challenge satai
3
210
Principled AI ~深層学習時代における課題解決の方法論~
Avatar for Tatsunori Taniai taniai
3
1.2k
Large Language Model Agent: A Survey on Methodology, Applications and Challenges
Avatar for Shunsuke KITADA shunk031
12
8.2k
数理最適化に基づく制御
Avatar for MIKIO KUBO mickey_kubo
5
670

Featured

See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
34
5.9k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
329
21k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.1k
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
45
7.5k
Fireside Chat
Avatar for paigeccino paigeccino
37
3.5k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
507
140k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
42
7.5k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
53
7.7k
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
512
110k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
231
18k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
173
14k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
207
24k

Transcript

  1. Ломать - не строить! Юрий Гольцев @ygoltsev

  2. Intro

  3. Invest in your knowledge of practical information security

  4. Please, don’t order a penetration test until…

  5. My own TOP of security issues, related to internal networks:

    1. Weak password policy 2. Default accounts 3. Local accounts/unnecessary privileges 4. Windows architecture 5. WPAD configuration mismatch 6. Antivirus software configuration mismatch 7. No network segmentation 8. No patch management

  6. Weak password policy Description Easy to bruteforce Common Targets Directory

    Service (Active Directory/Lotus Domino/LDAP/Novell/etc) Recommendations Implement strong password policy, just follow next rules: - 8 chars (at least) -Lower, upper case -Alpha-Numeric Check for common passwords once a day (at least) - Special chars - Change every 60 days

  7. Default accounts Description Easy to bruteforce Common Targets DBs, network

    devices (routers/printers/etc) Recommendations -Disable all unused accounts -Set strong password

  8. Local accounts/unnecessary privileges Description Local administrator accounts/privileges – is bad

    Common Targets Windows hosts Recommendations -Disable accounts of local administrators on Windows hosts -Do not use GP to manage accounts of local administrators on Windows hosts

  9. Windows architecture Description You can’t prevent it, if you use

    it Common Targets Windows hosts Recommendations -Follow principle of minimal privileges -Use privileged accounts for administration tasks only -Implement two factor authentication for privileged accounts -Implement patch management

  10. WPAD configuration mismatch Description Very useful for corporate users if

    implemented, and for attacker – if not Common Targets Windows hosts Recommendations Disable WPAD (Web Proxy Auto Discovery) feature if it is not implemented

  11. Antivirus software configuration mismatch Description Antivirus software can be disable

    with local admin privileges Common Targets Windows hosts Recommendations Configure self defense feature of antivirus software

  12. No network segmentation Description No restrictions and no data filtration

    on network level Common Targets Network topology Recommendations Implement data filtration – it is better to use white lists for access

  13. No patch management Description MS08-067 still can be found during

    penetration test Common Targets Windows/Unix hosts Recommendations Implement patch management

  14. Outro