Разделы презентаций


Pass-the-Hash

Jump Start AgendaModule 1: Today’s Threat LandscapeModule 2: Key Principles of SecurityModule 3: Understanding your enemy!Module 4: Phases of HackersLunch BreakModule 5: What motivates hackers?Module 6: Pass the HashModule

Слайды и текст этой презентации

Слайд 1Pass-the-Hash

Pass-the-Hash

Слайд 2 Jump Start Agenda
Module 1: Today’s Threat Landscape
Module 2:

Key Principles of Security
Module 3: Understanding your enemy!
Module 4: Phases

of Hackers
Lunch Break
Module 5: What motivates hackers?
Module 6: Pass the Hash
Module 7: Windows Security Capabilities and Tools
Jump Start AgendaModule 1: Today’s Threat LandscapeModule 2: Key Principles of SecurityModule 3: Understanding your

Слайд 3Module Insights
Explore the major thread coming with pass-the-hash and the

mitigation options available.

Module InsightsExplore the major thread coming with pass-the-hash and the mitigation options available.

Слайд 4Pass the Hash
Every time you connect to the internet, you

have instant and direct IP connectivity to…

Online Services
Wonderful Internet Services
Internet

cafes in
vacation spots

Activities

Ideological Movements

Organized Crime

Nation States

Pass the HashEvery time you connect to the internet, you have instant and direct IP connectivity to…Online

Слайд 5Pass-the-Hash Definition
“Hash” = cached credential
Usually not “cleartext”
Identically powerful to “cleartext”

by most systems
Can be stored in memory or persisted on

disk
Most operating systems cache credentials for SSO

Username/
Password

Username/
Hash

Username/
Hash

Pass-the-Hash Definition“Hash” = cached credentialUsually not “cleartext”Identically powerful to “cleartext” by most systemsCan be stored in memory

Слайд 6Pass-the-Hash Technique
Attacker gains local admin access to initial system
Uses collected

hashes to move laterally through the network
Additional hashes are collected

as they go
New hashes give access to additional systems
Network/domain privileged account compromised  Game Over

User A/
Hash A

User B/
Hash B

User B/
Hash B

User A/
Hash A

Pass-the-Hash TechniqueAttacker gains local admin access to initial systemUses collected hashes to move laterally through the networkAdditional

Слайд 7Attack Scenario

Attack Scenario

Слайд 8Access:
Users and
Workstations
Power:
Domain
Controllers
Data:
Servers and
Applications
Typical Pass

The Hash Attack
Bad guy targets workstations
User running as local admin

compromised, Bad guy harvests credentials.

Bad guy uses credentials for lateral traversal

Bad guy acquires domain admin credentials and associated privileges – privilege escalation

Bad guy has direct or indirect access to read/write/destroy data and systems in the environment.

Access: Users and WorkstationsPower: Domain ControllersData: Servers and ApplicationsTypical Pass The Hash AttackBad guy targets workstationsUser running

Слайд 9Windows Credential Editor NTLM Pass-the-Hash

Windows Credential Editor NTLM Pass-the-Hash

Слайд 10Crack the Hash

Crack the Hash

Слайд 11Why can’t Microsoft release an update to fix it?
Pass the

Hash and other credential theft attacks exploit the access that

an attacker gains by compromising an account in the local administrators group.
Why can’t Microsoft release an update to fix it?Pass the Hash and other credential theft attacks exploit

Слайд 12Current Guidance
Microsoft published Pass-the-Hash guidance in December 2012.

Highlighted best practices

and dispelled urban legends.

Current GuidanceMicrosoft published Pass-the-Hash guidance in December 2012.Highlighted best practices and dispelled urban legends.

Слайд 13Key Takeaways

Key Takeaways

Слайд 14@ErdalOzkaya
@MiladPFE
Connect with the speakers!
http://erdalozkaya.com/
https://www.facebook.com/milad.aslaner

@ErdalOzkaya@MiladPFEConnect with the speakers!http://erdalozkaya.com/https://www.facebook.com/milad.aslaner

Слайд 15Deep technical content and free product evaluations
Hands-on deep technical labs
Free,

online, technical courses
Download Microsoft software trials today.
Find Hand On Labs.
Take

a free online course.

Technet.microsoft.com/evalcenter

Technet.microsoft.com/virtuallabs

microsoftvirtualacademy.com

At the TechNet Evaluation Center you can download free, trial versions of Microsoft software, with no feature limits. Dozens of trials are available – all at no cost.
Try Windows Server 2012 for up to 180 days. Download the Windows 8 Enterprise 90-day evaluation. Or try Windows Azure at no-cost for up to 90 days.

Microsoft Hands On Labs offer virtual environments that will take you through guided, technically deep product learning experience.
Learn at your own pace in labs that you can complete in 90 minutes or less. There is no complex setup or installation is required to use TechNet Virtual Labs.

Microsoft Virtual Academy provides free online training on the IT scenarios that are important to your company and your career.
Learn at your own pace and boost your IT skills with over 100 courses across more than 15 Microsoft technologies including Windows Server, Windows 8, Windows Azure, Office 365, virtualization, Windows Phone, and more.

TechNet Virtual Labs

Deep technical content and free product evaluationsHands-on deep technical labsFree, online,  technical coursesDownload Microsoft software trials

Обратная связь

Если не удалось найти и скачать доклад-презентацию, Вы можете заказать его на нашем сайте. Мы постараемся найти нужный Вам материал и отправим по электронной почте. Не стесняйтесь обращаться к нам, если у вас возникли вопросы или пожелания:

Email: Нажмите что бы посмотреть 

Что такое TheSlide.ru?

Это сайт презентации, докладов, проектов в PowerPoint. Здесь удобно  хранить и делиться своими презентациями с другими пользователями.


Для правообладателей

Яндекс.Метрика