80 likes | 454 Views
ECE 4112 Internetwork Security Project. Hacking a Corporate Network. Putting it all together. Drew Conner Rachel Moorehead. Group 9. Background Corporate Network Attacks - To the DMZ - To the DC Defenses. Background. Motivation: Prepare for a real life corporate experience
E N D
ECE 4112 Internetwork Security Project Hacking a Corporate Network Putting it all together Drew Conner Rachel Moorehead Group 9
Background Corporate Network Attacks - To the DMZ - To the DC Defenses Background • Motivation: Prepare for a real life corporate experience • Microsoft has 66 percent market share in the server OS arena, Linux has 20 percent and UNIX has 8 percent, with all others (e.g., NetWare, Macintosh) accounting for 6 percent.
Background Corporate Network Attacks - To the DMZ - To the DC Defenses Step-by-Step Approach • “[There is a] need for a more layered defense strategy that provides extensive internal network visibility.” ISS • The number of attempted attacks every day for some of the large web hosting farms range from hundreds of thousands to even millions. • High risk vulnerabilities are commonplace in corporate networks. Respondents found a number of risky vulnerabilities on their networks during 2005. • 28% found unauthorized reconnaissance • 23% found unauthorized personnel with root or administrator access • 17% found suspicious connections to critical applications and databases on their networks
Project Description Technical Details - Microcontroller - Database Problems Faced Market & Cost Analysis Future Work Acknowledgements Background Corporate Network Attacks - To the DMZ - To the DC Defenses Corporate Network Manufacturing Problems Lean Principles Lean Benefits Why Lean?
Project Description Technical Details - Microcontroller - Database Problems Faced Market & Cost Analysis Future Work Acknowledgements Background Corporate Attacks - To the DMZ - To the DC Defenses Attacks to the DMZ Manufacturing Problems Lean Principles Lean Benefits Why Lean? • Attacking the Web Server • Use MS SQL Exploits • Exploit xp_cmdshell service • Load our “warez” on the machine using TFTP • Activate NetCat to open a connection • New Reconnaissance Tools: • PWDump - Get password hashes • Ophcrack - Crack hashes
Project Description Technical Details - Microcontroller - Database Problems Faced Market & Cost Analysis Future Work Acknowledgements • Background • Corporate Network • Attacks • - To the DMZ • - To the DC • Defenses Attacks to the DC • Attacking the MS Active Directory • Reroute traffic • Exploit Remote Desktop • New Reconnaissance Tools: • Active Directory Domain Listing • netsh
Project Description Technical Details - Microcontroller - Database Problems Faced Market & Cost Analysis Future Work Acknowledgements Background Corporate Network Attacks - To the DMZ - To the DC Defenses Defenses Manufacturing Problems Lean Principles Lean Benefits Why Lean? • Web Server • Disable xp_cmdshell • Run SQL Server as a restricted user • Access databases as a restricted user • Restrict use to services like TFTP • Active Directory • Harden Administrator account and password • Review what services such a Remote Desktop that should be disabled
Project Description Technical Details - Microcontroller - Database Problems Faced Market & Cost Analysis Future Work Acknowledgements Background Corporate Network Attacks - To the DMZ - To the DC Defenses Questions Manufacturing Problems Lean Principles Lean Benefits Why Lean? “Annual Internal Threat Report Reveals Attacks Against Corporate Networks Unrelenting.” ISS. 2005. Dido, Laura. “Application Infrastructure & Software Platforms.” The Yankee Group. April 2004. Johansson, J. “Protect Your Windows Network: From Perimeter to Data.” Addison-Wesley Professional. 2005.