Seven Deadliest Microsoft Attacks explores some of the deadliest attacks made against Microsoft software and networks and how these attacks can impact the confidentiality, integrity, and availability of the most closely guarded company secrets.
The book consists of seven chapters that cover the following topics: (i) attacks against Windows passwords; (ii) escalation attacks; (iii) stored procedure attacks; (iv) mail service attacks; (v) client-side ActiveX and macro attacks; (vi) Web service attacks; and (vii) multi-tier attacks. Each chapter provides an overview of a single Microsoft software product, how it is used, and some of the core functionality behind the software. Additionally, each chapter explores the anatomy of attacks against the software; the dangers of an attack; and possible defenses to help prevent the attacks described in the scenarios.
This book will be a valuable resource for those responsible for oversight of network security for either small or large organizations. It will also benefit those interested in learning the details behind attacks against Microsoft infrastructure, products, and services; and how to defend against them. Network administrators and integrators will find value in learning how attacks can be executed, and transfer knowledge gained from this book into improving existing deployment and integration practices.
- Windows Operating System-Password Attacks
- Active Directory-Escalation of Privilege
- SQL Server-Stored Procedure Attacks
- Exchange Server-Mail Service Attacks
- Office-Macros and ActiveX
- Internet Information Services (IIS)-Web Service Attacks
- SharePoint-Multi-tier Attacks
Information security professionals of all levels; Microsoft admins; recreational hackers
Acknowledgments
About the Authors
Introduction
Chapter 1 Windows Operating System – Password Attacks
- Windows Passwords Overview
- Security Accounts Manager
- System Key (SYSKEY)
- LAN Manager Hash
- NT Hash
- LSA Secrets
- Password and Lockout Policies
- How Windows Password Attacks Work
- Dangers with Windows Password Attacks
- Scenario 1: Obtaining Password Hashes
- Scenario 2: Pass the Hash
- Scenario 3: Timed Attacks to Circumvent Lockouts
- Scenario 4: LSA Secrets
- Future of Windows Password Attacks
- Defenses against Windows Password Attacks
- Defense-in-Depth Approach
- Microsoft and Third-Party Software Patching
- Logical Access Controls
- Logging Security Events
- Implementing Password and Lockout Policies
- Disable LM Hash Storage for Domain and Local Systems
- SYSKEY Considerations
- Summary
Chapter 2 Active Directory – Escalation of Privilege
- Escalation of Privileges Attack Anatomy
- Dangers with Privilege Escalation Attacks
- Scenario 1: Escalation through Batch Scripts
- Scenario 2: Attacking Customer Confidence
- Scenario 3: Horizontal Escalation
- Future of Privilege Escalation Attacks
- Defenses against Escalation of Privilege Attacks
- First Defensive Layer: Stop the Enemy at the Gate
- Second Defensive Layer: Privileges Must Be Earned
- Third Defensive Layer: Set the Rules for the Playground
- Fourth Defensive Layer: You’ll Need That Secret Decoder Ring
- Summary
- Endnotes
Chapter 3 SQL Server – Stored Procedure Attacks
- How Stored Procedure Attacks Work
- Initiating Access
- Accessing Stored Procedures
- Dangers Associated with a Stored Procedure Attack
- Understanding Stored Procedure Vulnerabilities
- Scenario 1: Adding a Local Administrator
- Scenario 2: Keeping
- © Syngress 2010
- 17th March 2010
"Seven Deadliest Microsoft Attacks brings to light easily exploitable yet commonly overlooked vulnerabilities of Microsoft systems. The real-world examples used help reinforce the magnitude of these attacks, all while depicting the simplicity of the attack itself. The authors end on a good note with steps to avoid becoming a victim and insight on industry trends."--Aaron Beauregard, IT Systems and Security Manager, Mueller Services, Inc.
"The text is peppered with warnings, notes, recommendations and so-called 'Epic Fail' text boxes that illustrate some of the typical mistakes made when working with that particular software...The book and the chapters are short, but long enough to give a good overview of today's most common attacks targeting some of the most popular Microsoft products."--Zeljka Zorz, Help Net Security