Security posture assessment (SPA) of Windows NT networks.

Presented at Black Hat USA 1997, Unknown date/time (Unknown duration).

Though the level of security in a computer system should reflect the policies of the organization, a baseline reasonable policy will be used as the foundation for discussion of the methods, techniques, and tools used in doing a SPA for NT networks.  Common and not so common attacks against Windows NT networks will be discussed, as well as possible defenses that can be used to uphold the security policy.  There will as so be a small discussion about what and how information should be preserved in the case that a security incident occurs.  Some assessment tools will be provided.

Presenters:

• Dominique Brezinski
  Mr. Brezinski has been researching Windows NT security for three years, which lead him to release a paper entitled "A Weakness in CIFS Authentication" that described, in detail, a fundamental flaw in the authentication protocol used in Windows NT. He has a background in network protocols, authentication, and intrusion detection.

Similar Presentations:

• ToorCon San Diego 1 (1999) / Maximum Internet Security for Windows NT
• Black Hat USA 1998 / Penetrating NT Networks Through Information Leaks and Policy Weaknesses.
• DEF CON 9 (2001) / Windows NT and Novell Host Based Intrusion Detection Using Native Logging and 3rd Party Log Reporting Tools.