ITCamp 2011 - Paula Januszkiewicz - 10 deadly sins of Windows Administrators


  1. 10 Deadly Sins of Administrators in regards to Windows Security. Paula Januszkiewicz, CQURE: IT Security Auditor, MVP, MCT. http://blogs.technet.com/plwit/ paula@cqure.pl. Premium conference on Microsoft’s Dev and ITPro technologies @itcampro / #itcampro
  2. IT Camp 2011
       • Thanks for coming!
       • ITCamp is made possible by our sponsors:
  3. MVP-Press Training Course: Planning, Deploying and Managing Microsoft Forefront Threat Management Gateway 2010. Available for online purchase: http://www.mvp-press.com Follow us on: http://facebook.com/MVPpress http://twitter.com/MVPpress
  4. Agenda
       1. Introduction
       2. Top 10 Sins: From bottom to top
       3. Summary
  5.
  6. 2
  7. 9. Insecure Internet Browsing
  8. DEMO: Insecure Internet Browsing / Publishing Data
  9. 8. Lack of updates
  10. 7. Lack of Encryption
  11. DEMO: SMB vs. IPSec
  12. 6. WYSI (NOT) WYG
  13. DEMO: Explorer.exe Misinterpretation, BackupRead / BackupWrite
  14. 5. Network Monitoring
  15. DEMO: Evil WebSite, Files over DNS, Files over ICMP
  16. 4. Pirated Software
  17. DEMO: Malware
  18. 3. Lack of Backup Mechanisms
  19.
  20. DEMO: MoveFileEx
  21. 2. Lack of Training
  22. DEMO: Image Hijacks
  23. 1. Lack of Documentation
  24. DEMO: PowerShell, Autoruns
  25. Summary: Top 10 List. Life without passwords…
       10. Weak Passwords
       9. Insecure Internet Browsing
       8. Lack of Regular Updates
       7. Lack of Encryption
       6. WYSI (NOT) WYG
       5. Lack of Network Monitoring
       4. Using Pirated Software
       3. Lack of Backup Mechanisms
       2. Lack of Training
       1. Lack of Documentation
  26. Be Proactive!
       • Infrastructure must be well documented
       • Split and rotate tasks between admins
       • Use the legal code
       • Perform periodical checks
           – Autoruns
           – Kernel Level Files
           – Network Traffic
           – Processes
  27. Network Layers (In) Security
       • http://northamerica.msteched.com/topic/details/SIM314?fbid=cCOEzy8IHuN
  28. Q&A
  29. Don’t forget!
       • Get your free Azure pass! 30+15 days, no CC req’d
           – http://bit.ly/ITCAMP11
           – Promo code: ITCAMP11
       • We want your feedback! Win a WP7 smartphone
           – Fill in your feedback forms
           – Raffle: end of the day