Seven Deadliest Microsoft Attacks

ISBN-10: 1597495514
ISBN-13: 9781597495516
Authors: Rob Kraus, Mike Borkin, Brian Barber, Naomi Alpern
List price: $15.99

Author bio:

Stacy Prowell is a senior member of the CERT technical staff, and chief scientist of STAR*Lab. He is an expert in the function-theoretic foundations of software, and is currently conducting research and development for function extraction technology. Prowell has managed both commercial and academic software development projects and consulted on design, development, and testing of applications ranging from consumer electronics to medical scanners, from small embedded real-time systems to very large distributed applications. Prior to joining the SEI in 2005, Prowell was a research professor at the University of Tennessee. To support wider adoption of rigorous methods in industry, he started…    

Product details

Binding: Paperback
Publisher: Elsevier Science & Technology Books
Number of pages: 192
Dimensions: 7.75" wide x 9.25" long x 0.75" tall
Weight: 0.880 lbs.
Language: English

Table of contents

Acknowledgments
About the Authors
Introduction
Windows Operating System – Password Attacks
Windows Passwords Overview
Security Accounts Manager
System Key (SYSKEY)
LAN Manager Hash
NT Hash
LSA Secrets
Password and Lockout Policies
How Windows Password Attacks Work
Dangers with Windows Password Attacks
Obtaining Password Hashes
Pass the Hash
Timed Attacks to Circumvent Lockouts
LSA Secrets
Future of Windows Password Attacks
Defenses against Windows Password Attacks
Defense-in-Depth Approach
Microsoft and Third-Party Software Patching
Logical Access Controls
Logging Security Events
Implementing Password and Lockout Policies
Disable LM Hash Storage for Domain and Local Systems
SYSKEY Considerations
Summary
Active Directory – Escalation of Privilege
Escalation of Privileges Attack Anatomy
Dangers with Privilege Escalation Attacks
Escalation through Batch Scripts
Attacking Customer Confidence
Horizontal Escalation
Future of Privilege Escalation Attacks
Defenses against Escalation of Privilege Attacks
First Defensive Layer: Stop the Enemy at the Gate
Second Defensive Layer: Privileges Must Be Earned
Third Defensive Layer: Set the Rules for the Playground
Fourth Defensive Layer: You'll Need That Secret Decoder Ring
Summary
Endnotes
SQL Server – Stored Procedure Attacks
How Stored Procedure Attacks Work
Initiating Access
Accessing Stored Procedures
Dangers Associated with a Stored Procedure Attack
Understanding Stored Procedure Vulnerabilities
Adding a Local Administrator
Keeping Sysadmin-Level Access
Attacking with SQL Injection
The Future of Stored Procedure Attacks
Defenses against Stored Procedure Attacks
First Defensive Layer: Eliminating First-Layer Attacks
Second Defensive Layer: Reduce the First-Layer Attack Surface
Third Defensive Layer: Reducing Second-Layer Attacks
Fourth Defensive Layer: Logging, Monitoring, and Alerting
Identifying Vital Attack Events
Fifth Defensive Layer: Limiting the Impacts of Attacks
Summary
Endnotes
Exchange Server – Mail Service Attacks
How Mail Service Attacks Work
Mail Flow Architecture
Attack Points
Dangers Associated with Mail Service Attacks
Directory Harvest Attacks
SMTP Auth Attacks
Mail Relay Attacks
The Future of Mail Service Attacks
Defenses against Mail Service Attacks
Defense in the Perimeter Network
Defense on the Internal Network
Supporting Services
Summary
Office – Macros and ActiveX
Macro and Client-Side Attack Anatomy
Macro Attacks
ActiveX Attacks
Dangers Associated with Macros and ActiveX
Metasploit Reverse TCP Connection
ActiveX Attack via Malicious Website
Future of Macro and ActiveX Attacks
Macro and ActiveX Defenses
Deploy Network Edge Strategies
Using Antivirus and Antimalware
Update Frequently
Using Office Security Settings
Working Smart
Summary
Endnote
Internet Information Services – Web Service Attacks
Microsoft IIS Overview
File Transfer Protocol Publishing Service
WebDAV Extension
ISAPI
How IIS Attacks Work
Dangers with IIS Attacks
Dangerous HTTP Methods
FTP Anonymous Access
Directory Browsing
Future of IIS Attacks
Defenses Against IIS Attacks
Disable Unused Services
Default Configurations
Account Security
Patch Management
Logging
Segregate IIS
Penetration Testing
URLScan
IIS Lockdown
Summary
SharePoint – Multi-tier Attacks
How Multi-tier Attacks Work
Multi-tier Attack Anatomy
Dangers with Multi-tier Attacks
Leveraging Operating System Vulnerabilities
Indirect Attacks
How Multi-tier Attacks Will Be Used in the Future
Defenses against Multi-tier Attacks
First Defensive Layer: Failure to Plan = Plan to Fail
Second Defensive Layer: Leave No Hole Unpatched
Third Defensive Layer: Form the Protective Circle
Summary
Endnotes
Index