Bulletproofing your network security
http://www.microsoftvirtualacademy.com/training-courses/defense-in-depth-windows-8-1-security

http://blogs.technet.com/b/markrussinovich/

http://www.erdalozkaya.com/index.php/video-tutorials/227-network-security

http://video.ch9.ms/sessions/teched/na/2014/WIN-B310.mp4

Published in: Technology

  1. System Hardening Tricks. Times have changed! 5 Phases of Hackers
  2. Warning! This presentation contains information which you should not use on live targets or networks without permission.
  3. Cybercrime costs US economy up to $140 billion annually, report says Los Angeles Times [2013] How hackers allegedly stole “unlimited” amounts of cash from banks in just a few hours Ars Technica [2013] Ars Technica [2013] Universities face a rising barrage of cyberattacks HEADLINES Malware burrows deep into computer BIOS to escape AV The Register [September 2011] Researchers have discovered one of the first pieces ever used in the wild that modifies the software on the motherboard of infected computers to ensure the infection can’t be easily eradicated… New York Times [2013] Cyberattacks on the rise against US corporations Forget carjacking, soon it will be carhacking The Sydney Morning Herald [2013] Rising cyber security risks to drivers as their cars become increasingly powered by and connected to computers have prompted the US auto-safety regulator to start a new office focusing on the threat… Espionage malware infects rafts of governments, industries around the world Ars Technica [2013] Cyberspace changes the fog of war Politics.co.uk [2013]
  4. Business Innovation. Purposefully Designed Technology. Can help drive business success.
  5. Why defending is difficult
  6. Challenges: Attackers have unlimited resources. Attackers need to master only one attack. Defenders cannot take the offensive. Defenders must serve business goals. Defenders must win all the time.
  7. Fact or fiction?
  8. Reconnaissance, Scanning, Gaining Access, Maintaining Access, Clearing Tracks
  9. Port Scanning, Vulnerability Scanning, Network Scanning
  10. Attacker (attacker PC): sends TCP/IP probes, gets network information.
  11. An attack occurs when the hacker moves from simply probing the network to actually attacking it. After the hacker has gained access, he begins to move from system to system, spreading his damage as he progresses. It comes down to skill level, amount of access achieved, network architecture, and configuration of the victim's network.
  12. Refers to the phase when the attacker tries to retain ownership of the system. The attacker may compromise the system. This is where Backdoors, RootKits or Trojans prevents your systems. The attacker can upload, download or manipulate data, applications and configurations of your systems.
  13. Refers to activities carried out by an attacker to hide the misdeeds. Reasons include the need for a prolonged stay, continued use of resources, and removing evidence of hacking.
  14. Security Roadmap: Initiation, Define User, Define Applications, Define Data, Define Roles, Define Processes, Develop Policies and Standards, New? Yes, End
  15. Cellular Network; Unsupported Applications; Malicious Software; Unsolicited Bluetooth and Wi-Fi access; Compromised desktop computers; Loss or Theft; Intercepted Data in Transit; Unauthorized Network Penetration
  16. Personnel Management / Monitoring. Physical Access – Badges, Uniforms, Procedures. Communications, Monitoring, Hiring & Dismissals. Remote Access: When, Where, How, Who & Why! Security Procedures: What, When, Where, How, Who! Disaster Recovery Procedures!
  17. Physical Security. Protect External Assets. Comply with government regulations on backup / storage of corporate data. Know who has access to what! Roaming data sources: Cloud Storage, Laptops, PDAs. Plan & Implement Technology solutions for maximum effect.
  18. Hide Tracks: Delete Audit Logs; Edit DNS; Create Backdoor. Exploitation: Deliver malicious Payload; Steal Information; DOS Attack; Etc. Get a Foothold: Obtain User Accounts / Passwords. Knock on the Door. Target Discovery - Scanning. Find Entry Point, Open Ports, Web, Email, Contacts, Job Openings.
  19. Hide Tracks: Implement Secure Auditing Procedures; Implement Forensics Auditing; Limit & Monitor number of Administrators. Exploitation: Keep Systems Patched inc 3rd Party Software; Restrict Access to PII and Sensitive Information / Consider Encryption; Disaster Recovery Planning / RISK Management. Get a Foothold: Use Multi Factor Authentication; Plan Remote Access around Security; Train Staff on Social Engineering Dangers. Knock on the Door: Ensure Firewalls are Secure; Install IPS, Anti Virus, Anti Malware; Strong Security Policies & Procedures.
  20. “Most secure environments follow the ‘least privileged’ principle.”
  21. Windows Event ID #'s and Message Summary:
       • 4618: A monitored security event pattern has occurred.
       • 4649: A replay attack was detected.
       • 4719: System audit policy was changed.
       • 4765: SID History was added to an account.
       • 4766: An attempt to add SID History to an account failed.
       • 4794: An attempt was made to set the Directory Services Restore Mode.
       • 4964: Special groups have been assigned to a new logon.
       • 550: Possible denial of service (DOS) attack
  22. Organizations: Protect your organization’s network from security threats. Software: Protect your applications and minimize malware threats. People: Protect workers against privacy and security threats.
  23. http://erdalozkaya.com/ https://www.facebook.com/milad.aslaner
  24. windows.com/enterprise windowsphone.com/business microsoft.com/springboard microsoft.com/mdop microsoft.com/windows/wtg developer.windowsphone.com
  25. www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd
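
One way to put the event ID list from slide 21 to work, as an added example that is not part of the original presentation: a PowerShell query that counts occurrences of those IDs in the local Security log. The 24-hour look-back window, the local machine as the log source and an elevated session (needed to read the Security log) are assumptions.

```powershell
# Added example: event IDs and summaries copied from slide 21 of the deck.
$watch = @{
    4618 = 'A monitored security event pattern has occurred.'
    4649 = 'A replay attack was detected.'
    4719 = 'System audit policy was changed.'
    4765 = 'SID History was added to an account.'
    4766 = 'An attempt to add SID History to an account failed.'
    4794 = 'An attempt was made to set the Directory Services Restore Mode.'
    4964 = 'Special groups have been assigned to a new logon.'
    550  = 'Possible denial of service (DOS) attack'
}

# Assumption: a 24-hour look-back window; adjust to your review cadence.
$filter = @{
    LogName   = 'Security'
    Id        = @($watch.Keys)
    StartTime = (Get-Date).AddHours(-24)
}

# Get-WinEvent raises an error when nothing matches the filter, so the
# error is suppressed and an empty result is treated as "no hits".
# Note that a non-elevated session also yields an empty result here.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

if ($events.Count -eq 0) {
    Write-Output 'No watched events in the last 24 hours.'
} else {
    # One row per event ID: how often it fired, when it last fired,
    # and the summary text from the slide.
    $events |
        Group-Object -Property Id |
        Sort-Object -Property Count -Descending |
        ForEach-Object {
            [pscustomobject]@{
                EventId  = [int]$_.Name
                Count    = $_.Count
                LastSeen = ($_.Group | Measure-Object -Property TimeCreated -Maximum).Maximum
                Summary  = $watch[[int]$_.Name]
            }
        } |
        Format-Table -AutoSize -Wrap
}
```

Several of these events are only written when the matching audit policy subcategory is enabled, so an empty result does not by itself show that nothing happened.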
