Over the Router, Through the Firewall, to Grandmaâs House We Go.

Presented at Black Hat USA 1999, July 8, 1999, 11 a.m. (60 minutes).

This will be a cross-platform hack demonstration taking everyone over a router, through a firewall and into the corporate jewels. The demonstration setup will use 6 NT-Unix hosts, one router and one firewall. Three to four video projectors will help walk everyone through each node in the attack. Methods will be presented which an attacker may use to circumvent traditional security models or exploit common security misconfigurations in a DMZ-Firewall environment. Specific attacks will be demonstrated in a mixed Unix ö NT environment, including: *Exploiting NT: information enumeration via the NT resource kit. *Exploiting Unix: hacking root via ttdb. *Circumventing router filtering. *Authenticating to an NT host from an NT host using only the password hash. *Hijacking the GUI ö ãBack Orifice for NTä *Exploiting common misconfigurations of packet inspection firewalls. *Performing reverse telnets through the firewall. *20 uses for netcat. *Hacking NT from Unix. *Trojans, sniffers and streamed file execution for NT ö the ãadminkit for NTä Several intrusion detection systems will be running in default configurations to detect these attacks (yeah, right). After demonstrating the cross-platform hack through the router and firewall to the internal network, we will spend the balance of the presentation discussing mechanisms that can be used to help deter these types of attacks.

Presenters:

  • Eric Schultze - Ernst & Young, LLP.
    Eric Schultze is a Senior Manager in the Information Security Services practice of Ernst & Young. Based out of Seattle, Washington, he is a national resource and serves as the firmâs subject matter expert for securing Windows NT and Microsoft BackOffice applications. Eric has over 8 years of experience in information systems and security. While at Ernst & Young, Mr. Schultze has developed the service line, tools, and audit methodologies for HackNT, AuditNT, SecureNT and TrainNT. He has presented the NT Attack and Penetration methodology for numerous clients, internal training seminars, CSI 98, and NetSec 99. Portions of his HackNT methodology were featured in a July 1998 issue of InfoWorld Magazine. Mr. Schultze is an instructor in Ernst & Youngâs ãExtreme Hacking: Defending Your Siteä training class - featured in the March 22, 1999 issue of TIME magazine. His former experiences include serving as the Manager of Information Services for Beall's Department Stores where he managed their AS/400 and Windows NT environments and directed the implementation of their retail Internet presence. Prior to joining Ernst & Young, Mr. Schultze served as a Manager and a lead NT security specialist at Price Waterhouse, where he co-developed their Windows NT Attack and Penetration methodology. Mr. Schultze began his career working at Salomon Brothers where he performed financial and technology audits. He holds BA degrees in Psychology and Sociology from Amherst College.
  • George Kurtz - Ernst & Young, LLP.
    George Kurtz is a Senior Manager in the Information Security Services practice of Ernst & Young and serves as the Attack and Penetration leader within the Profiling service line. Mr. Kurtz has performed dozens of firewall, network, and Web server penetration studies / security reviews throughout his security consulting career. Mr. Kurtz has experience with designing firewall architectures and in evaluating various platforms and technologies from an audit, control, and data security perspective including: firewalls, routers, web servers, intrusion detection systems, and various Unix and NT operating systems. Mr. Kurtz has spoken at numerous industry events, and has been quoted by: the Wall Street Journal, USA Today, Associated Press, Communications Week, InfoWorld, PC Week, Bergen Record, C|net On-line, and Accounting Today. He has also published several works including The art of Attack and Penetration, Sys Admin (March and April 1999) & Diary of a Tiger Team, Information Security News (1995), and featured in a chapter of Corporate Espionage by Ira Winkler.

Similar Presentations: