This talk will focus on practical methods of identifying and bypassing modern enterprise class security solutions
such as Load Balancers, both Network and Host-based Intrusion Prevention Systems (IPSs), Web Application Firewalls (WAFs), and Network Access Control Solutions (NAC). The goal of this talk is to show IT Personnel the common weaknesses in popular security products and how those products should be configured.
The key areas are:
* IPS Identification and Evasion
* WAF Identification and Bypass
* Anti-Virus Bypass
* Privilege Escalation
* Becoming Domain Admin
17. Project Scope Project Scope Internal BlackBox (Limited Knowledge) Penetration Test External BlackBox (Limited Knowledge) Penetration Test Web Application Security Assessment Wireless Security Assessment Physical Security Assessment Project Limitations Project was considered blackbox until Sampleblank consultants were detected by network team. No social engineering or user interaction attacks were authorized
18. Attacking sampleblank: The Play-By-Play Hmmm…what do we have here???? The following security/monitoring applications were discovered McAfee Virus Shield McAfee HIPS Altiris Big Brother Attack Steps: Enumerate Network without scanning Obtain valid privileged credentials