Seven Deadliest Microsoft Attacks
- 1st Edition - March 1, 2010
- Imprint: Syngress
- Authors: Rob Kraus, Naomi Alpern, Brian Barber, Mike Borkin
- Language: English
- Paperback ISBN:9 7 8 - 1 - 5 9 7 4 9 - 5 5 1 - 6
- eBook ISBN:9 7 8 - 1 - 5 9 7 4 9 - 5 5 2 - 3
Seven Deadliest Microsoft Attacks explores some of the deadliest attacks made against Microsoft software and networks and how these attacks can impact the confidentiality, integr… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteSeven Deadliest Microsoft Attacks explores some of the deadliest attacks made against Microsoft software and networks and how these attacks can impact the confidentiality, integrity, and availability of the most closely guarded company secrets. If you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products, this book is for you. It pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.
The book consists of seven chapters that cover the seven deadliest attacks against Microsoft software and networks: attacks against Windows passwords; escalation attacks; stored procedure attacks; mail service attacks; client-side ActiveX and macro attacks; Web service attacks; and multi-tier attacks. Each chapter provides an overview of a single Microsoft software product, how it is used, and some of the core functionality behind the software. Furthermore, each chapter explores the anatomy of attacks against the software, the dangers of an attack, and possible defenses to help prevent the attacks described in the scenarios.
This book will be a valuable resource for those responsible for oversight of network security for either small or large organizations. It will also benefit those interested in learning the details behind attacks against Microsoft infrastructure, products, and services; and how to defend against them. Network administrators and integrators will find value in learning how attacks can be executed, and transfer knowledge gained from this book into improving existing deployment and integration practices.
The book consists of seven chapters that cover the seven deadliest attacks against Microsoft software and networks: attacks against Windows passwords; escalation attacks; stored procedure attacks; mail service attacks; client-side ActiveX and macro attacks; Web service attacks; and multi-tier attacks. Each chapter provides an overview of a single Microsoft software product, how it is used, and some of the core functionality behind the software. Furthermore, each chapter explores the anatomy of attacks against the software, the dangers of an attack, and possible defenses to help prevent the attacks described in the scenarios.
This book will be a valuable resource for those responsible for oversight of network security for either small or large organizations. It will also benefit those interested in learning the details behind attacks against Microsoft infrastructure, products, and services; and how to defend against them. Network administrators and integrators will find value in learning how attacks can be executed, and transfer knowledge gained from this book into improving existing deployment and integration practices.
- Windows Operating System-Password Attacks
- Active Directory-Escalation of Privilege
- SQL Server-Stored Procedure Attacks
- Exchange Server-Mail Service Attacks
- Office-Macros and ActiveX
- Internet Information Serives(IIS)-Web Serive Attacks
- SharePoint-Multi-tier Attacks
Information security professionals of all levels, Micosoft admins, recreational hackers
Acknowledgments
About the Authors
Introduction
Chapter 1 Windows Operating System – Password Attacks
Windows Passwords Overview
Security Accounts Manager
System Key (SYSKEY)
LAN Manager Hash
NT Hash
LSA Secrets
Password and Lockout Policies
How Windows Password Attacks Work
Dangers with Windows Password Attacks
Scenario 1: Obtaining Password Hashes
Scenario 2: Pass the Hash
Scenario 3: Timed Attacks to Circumvent Lockouts
Scenario 4: LSA Secrets
Future of Windows Password Attacks
Defenses against Windows Password Attacks
Defense-in-Depth Approach
Microsoft and Third-Party Software Patching
Logical Access Controls
Logging Security Events
Implementing Password and Lockout Policies
Disable LM Hash Storage for Domain and Local Systems
SYSKEY Considerations
Summary
Chapter 2 Active Directory – Escalation of Privilege
Escalation of Privileges Attack Anatomy
Dangers with Privilege Escalation Attacks
Scenario 1: Escalation through Batch Scripts
Scenario 2: Attacking Customer Confidence
Scenario 3: Horizontal Escalation
Future of Privilege Escalation Attacks
Defenses against Escalation of Privilege Attacks
First Defensive Layer: Stop the Enemy at the Gate
Second Defensive Layer: Privileges Must Be Earned
Third Defensive Layer: Set the Rules for the Playground
Fourth Defensive Layer: You’ll Need That Secret Decoder Ring
Summary
Endnotes
Chapter 3 SQL Server – Stored Procedure Attacks
How Stored Procedure Attacks Work
Initiating Access
Accessing Stored Procedures
Dangers Associated with a Stored Procedure Attack
Understanding Stored Procedure Vulnerabilities
Scenario 1: Adding a Local Administrator
Scenario 2: Keeping Sysadmin-Level Access
Scenario 3: Attacking with SQL Injection
The Future of Stored Procedure Attacks
Defenses against Stored Procedure Attacks
First Defensive Layer: Eliminating First-Layer Attacks
Second Defensive Layer: Reduce the First-Layer Attack Surface
Third Defensive Layer: Reducing Second-Layer Attacks
Fourth Defensive Layer: Logging, Monitoring, and Alerting
Identifying Vital Attack Events
Fifth Defensive Layer: Limiting the Impacts of Attacks
Summary
Endnotes
Chapter 4 Exchange Server – Mail Service Attacks
How Mail Service Attacks Work
Mail Flow Architecture
Attack Points
Dangers Associated with Mail Service Attacks
Scenario 1: Directory Harvest Attacks
Scenario 2: SMTP Auth Attacks
Scenario 3: Mail Relay Attacks
The Future of Mail Service Attacks
Defenses against Mail Service Attacks
Defense in the Perimeter Network
Defense on the Internal Network
Supporting Services
Summary
Chapter 5 Office – Macros and ActiveX
Macro and Client-Side Attack Anatomy
Macro Attacks
ActiveX Attacks
Dangers Associated with Macros and ActiveX
Scenario 1: Metasploit Reverse TCP Connection
Scenario 2: ActiveX Attack via Malicious Website
Future of Macro and ActiveX Attacks
Macro and ActiveX Defenses
Deploy Network Edge Strategies
Using Antivirus and Antimalware
Update Frequently
Using Office Security Settings
Working Smart
Summary
Endnote
Chapter 6 Internet Information Services – Web Service Attacks
Microsoft IIS Overview
File Transfer Protocol Publishing Service
WebDAV Extension
ISAPI
How IIS Attacks Work
Dangers with IIS Attacks
Scenario 1: Dangerous HTTP Methods
Scenario 2: FTP Anonymous Access
Scenario 3: Directory Browsing
Future of IIS Attacks
Defenses Against IIS Attacks
Disable Unused Services
Default Configurations
Account Security
Patch Management
Logging
Segregate IIS
Penetration Testing
URLScan
IIS Lockdown
Summary
Chapter 7 SharePoint – Multi-tier Attacks
How Multi-tier Attacks Work
Multi-tier Attack Anatomy
Dangers with Multi-tier Attacks
Scenario 1: Leveraging Operating System Vulnerabilities
Scenario 2: Indirect Attacks
How Multi-tier Attacks Will Be Used in the Future
Defenses against Multi-tier Attacks
First Defensive Layer: Failure to Plan = Plan to Fail
Second Defensive Layer: Leave No Hole Unpatched
Third Defensive Layer: Form the Protective Circle
Summary
Endnotes
Index
- Edition: 1
- Published: March 1, 2010
- No. of pages (eBook): 192
- Imprint: Syngress
- Language: English
- Paperback ISBN: 9781597495516
- eBook ISBN: 9781597495523
RK
Rob Kraus
Rob Kraus (CISSP, C|EH, MCSE) is a Senior Security Consultant for Solutionary, Inc. Rob is responsible for organizing customer requirements, on-site project management and client support while ensuring quality and timeliness of Solutionary's products and services.
Rob was previously a Remote Security Services Supervisor with Digital Defense, Inc. He performed offensive-based security assessments consisting of penetration testing, vulnerability assessment, social engineering, wireless and VoIP penetration testing, web application penetration tests and vulnerability research. As a supervisor, Rob was also responsible for leading and managing a team of penetration testers who performed assessment services for Digital Defense's customers.
Rob's background also includes contracting as a security analyst for AT&T during the early stages of the AT&T U-verse service as well as provisioning, optimizing, and testing OC-192 fiber-optic networks while employed with Nortel Networks.
Rob also speaks at information security conferences and universities in an effort to keep the information security community informed of current security trends and attack methodologies.
Affiliations and expertise
CISSP, C|EH, MCSE; Senior Security Consultant for Solutionary, Inc.NA
Naomi Alpern
Naomi Alpern currently works for Microsoft as a consultant specializing in unified communications. She holds many Microsoft certifications, including an MCSE and MCT, as well as additional industry certifications such as Citrix Certified Enterprise Administrator, Security+, Network+, and A+. Since the start of her technical career she has worked in many facets of the technology world, including IT administration, technical training, and most recently, full-time consulting.
Affiliations and expertise
Consultant, Unified Communications, Microsoft, USA, Citrix Certified Enterprise Administrator, Security+, Network+, A+, MCSE, MCTBB
Brian Barber
Brian Barber (Linux+, MCSE, MCSA, MCP+I, CNE, CNA-GW) works for the Canada Deposit Insurance Corporation (CDIC) as a project manager and architect for CDIC's IT service management program. He first started using Linux at home with Red Hat 5.1 and since then he has been a staunch advocate of open source software, belonging to the Ottawa Canada Linux User Group (OCLUG) since 2001 and the Ottawa Python Authors Group. His primary areas of interest are operating systems, infrastructure design, multiplatform integration, directory services, and enterprise messaging. In the past he has held the positions of Principal Consultant with Sierra Systems Group Inc., Senior Technical Coordinator at the LGS Group Inc. (now a part of IBM Global Services) and Senior Technical Analyst at MetLife Canada.
Affiliations and expertise
works for the Canada Deposit Insurance Corporation (CDIC) as a project manager and architect for CDIC's IT service management program.MB
Mike Borkin
Mike Borkin (MCSE, GSEC Gold) is an internationally recognized author and speaker in the area of IT security where he focuses mostly on data protection strategies, Microsoft security, and security architecture/engineering best practices. In addition to contributing articles related to security to magazines and speaking engagements for groups such as SANS and The Open Group in both the US and Europe, Mike is also the Co-Author of Vista Security for Dummies.
Affiliations and expertise
MCSE, GSEC GoldRead Seven Deadliest Microsoft Attacks on ScienceDirect