Securing Your Network: The Art of Attack and Penetration

No ratings

Presented at BlackHatWindows 2003 by

Erik Birkholz

Eric Schultze

Hackers! They're out there everywhere just waiting to catch you off-guard. But how do you protect yourself from these malicious marauders? You have to infiltrate their minds to understand their tactics. In this workshop we expose the methodologies that today's hackers use to gain access to our customer's networks and critical data. We'll demonstrate a typical attack exploiting both well- and little-known vulnerabilities that hackers use to get around traditional security mechanisms. During the course of the attack, we'll identify opportunities to better secure hosts and networks against the more esoteric exploits. Topics include: Port Scanning Banner Grabbing Bypassing Router and Firewall Filtering Using Source Ports Leveraging Port Redirection 101 uses for netcat Exploiting Common Configuration and Implementation Weaknesses in Windows 2000 and Windows XP Exploiting System Services Enumerating Information Leakage from Microsoft hosts Passing Hash Hacking Web Servers Hacking SQL Linking Vulnerabilities for Maximum Exploitation Particular attention will be paid to securing the DMZ and related hosts against each of the above attacks.