Penetrating NT Networks Through Information Leaks and Policy Weaknesses.

Presented at Black Hat USA 1998, July 29, 1998, 10 a.m. (90 minutes)

This presentation demonstrates how Windows NT hosts can be queried for information and how that information can be correlated to give an attacker a path of least resistance. Even though many Windows NT networks have few remotely exploitable technical vulnerabilities (buffer over-runs, flawed CGI scripts, address-based authentication, etc.), most NT networks give away too much information. By analyzing that information, it is easy to find policy weaknesses that can be exploited to gain access to the NT hosts. Custom tools will be demonstrated on a small network.


Presenters:

  • Dominique Brezinski - Network Security Professional, Secure Computing Corporation
    Dominique Brezinski is a Network Security Professional at Secure Computing Corporation and has been concentrating on Windows NT and TCP/IP network security issues for four years. Prior to working for Secure Computing, Mr. Brezinski worked as a Research Engineer at Internet Security Systems where he was responsible for finding new vulnerabilities and security assessment techniques for Windows NT. In 1996 Mr. Brezinski published a white paper entitled "A Weakness in CIFS Authentication" which revealed a serious flaw in the authentication protocol used in Windows NT (NT LM Security). It was shown for the first time that an attacker could completely subvert the network authentication in Windows NT to gain unauthorized access to Windows NT servers. Mr. Brezinski has continued to demonstrate advanced techniques for assessing the risks present in Windows NT networks.
