Seven Deadliest Microsoft Attacks

Kraus, Rob; Borkin, Mike; Barber, Brian; Alpern, Naomi
ISBN-10: 1597495514
ISBN-13: 9781597495516

Our Price: $31.10
Free standard shipping
or $4.99 3-day shipping
In our Marketplace:
3 new & used from $19.14
Acknowledgments
About the Authors
Introduction
Windows Operating System – Password Attacks
Windows Passwords Overview
Security Accounts Manager
System Key (SYSKEY)
LAN Manager Hash
NT Hash
LSA Secrets
Password and Lockout Policies
How Windows Password Attacks Work
Dangers with Windows Password Attacks
Obtaining Password Hashes
Pass the Hash
Timed Attacks to Circumvent Lockouts
LSA Secrets
Future of Windows Password Attacks
Defenses against Windows Password Attacks
Defense-in-Depth Approach
Microsoft and Third-Party Software Patching
Logical Access Controls
Logging Security Events
Implementing Password and Lockout Policies
Disable LM Hash Storage for Domain and Local Systems
SYSKEY Considerations
Summary
Active Directory – Escalation of Privilege
Escalation of Privileges Attack Anatomy
Dangers with Privilege Escalation Attacks
Escalation through Batch Scripts
Attacking Customer Confidence
Horizontal Escalation
Future of Privilege Escalation Attacks
Defenses against Escalation of Privilege Attacks
First Defensive Layer: Stop the Enemy at the Gate
Second Defensive Layer: Privileges Must Be Earned
Third Defensive Layer: Set the Rules for the Playground
Fourth Defensive Layer: You'll Need That Secret Decoder Ring
Summary
Endnotes
SQL Server – Stored Procedure Attacks
How Stored Procedure Attacks Work
Initiating Access
Accessing Stored Procedures
Dangers Associated with a Stored Procedure Attack
Understanding Stored Procedure Vulnerabilities
Adding a Local Administrator
Keeping Sysadmin-Level Access
Attacking with SQL Injection
The Future of Stored Procedure Attacks
Defenses against Stored Procedure Attacks
First Defensive Layer: Eliminating First-Layer Attacks
Second Defensive Layer: Reduce the First-Layer Attack Surface
Third Defensive Layer: Reducing Second-Layer Attacks
Fourth Defensive Layer: Logging, Monitoring, and Alerting
Identifying Vital Attack Events
Fifth Defensive Layer: Limiting the Impacts of Attacks
Summary
Endnotes
Exchange Server – Mail Service Attacks
How Mail Service Attacks Work
Mail Flow Architecture
Attack Points
Dangers Associated with Mail Service Attacks
Directory Harvest Attacks
SMTP Auth Attacks
Mail Relay Attacks
The Future of Mail Service Attacks
Defenses against Mail Service Attacks
Defense in the Perimeter Network
Defense on the Internal Network
Supporting Services
Summary
Office – Macros and ActiveX
Macro and Client-Side Attack Anatomy
Macro Attacks
ActiveX Attacks
Dangers Associated with Macros and ActiveX
Metasploit Reverse TCP Connection
ActiveX Attack via Malicious Website
Future of Macro and ActiveX Attacks
Macro and ActiveX Defenses
Deploy Network Edge Strategies
Using Antivirus and Antimalware
Update Frequently
Using Office Security Settings
Working Smart
Summary
Endnote
Internet Information Services – Web Service Attacks
Microsoft IIS Overview
File Transfer Protocol Publishing Service
WebDAV Extension
ISAPI
How IIS Attacks Work
Dangers with IIS Attacks
Dangerous HTTP Methods
FTP Anonymous Access
Directory Browsing
Future of IIS Attacks
Defenses Against IIS Attacks
Disable Unused Services
Default Configurations
Account Security
Patch Management
Logging
Segregate IIS
Penetration Testing
URLScan
IIS Lockdown
Summary
SharePoint – Multi-tier Attacks
How Multi-tier Attacks Work
Multi-tier Attack Anatomy
Dangers with Multi-tier Attacks
Leveraging Operating System Vulnerabilities
Indirect Attacks
How Multi-tier Attacks Will Be Used in the Future
Defenses against Multi-tier Attacks
First Defensive Layer: Failure to Plan = Plan to Fail
Second Defensive Layer: Leave No Hole Unpatched
Third Defensive Layer: Form the Protective Circle
Summary
Endnotes
Index
Stacy Prowell is a senior member of the CERT technical staff, and chief scientist of STAR*Lab. He is an expert in the function-theoretic foundations of software, and is currently conducting research and development for function extraction technology. Prowell has managed both commercial and academic software development projects and consulted on design, development, and testing of applications ranging from consumer electronics to medical scanners, from small embedded real-time systems to very large distributed applications. Prior to joining the SEI in 2005, Prowell was a research professor at the University of Tennessee. To support wider adoption of rigorous methods in industry, he started the Experimentation, Simulation, and Prototyping (ESP) project at the University of Tennessee, which develops software libraries and tools to support application of model-based testing and sequence-based specification. Software developed by this program is in use by over 30 organizations. Prior to working at the university, he served as a consultant in the software industry. His research interests include rigorous software specification methods, automated statistical testing, and function-theoretic analysis of program behavior. Prowell holds a PhD in Computer Science from the University of Tennessee and is a member of the ACM, IEEE, and Sigma Xi.
Rob Kraus (CISSP, C|EH, MCSE) is a Remote Security Services Supervisor with Digital Defense, Inc. He currently performs offensive-based security assessments consisting of penetration testing, vulnerability assessment, social engineering, wireless and VoIP penetration testing, and vulnerability research. Rob's background includes contracting as a security analyst for AT&T as well as provisioning and testing OC-192 fiber-optic networks while employed with Nortel Networks. He also speaks at information security conferences and universities in an effort to keep the information security community informed of current security trends and attack methodologies.
Mike Borkin (MCSE, GSEC Gold) is an internationally recognized author and speaker in the area of IT security where he focuses mostly on data protection strategies, Microsoft security, and security architecture/engineering best practices. In addition to contributing articles related to security to magazines and speaking engagements for groups such as SANS and The Open Group in both the US and Europe, Mike is also the Co-Author of Vista Security for Dummies.



Edition: 2010
Publisher: Elsevier Science & Technology Books
Binding: Trade Paper
Pages: 192
Size: 7.75" wide x 9.25" long x 0.75" tall
Weight: 0.88 lbs.
Language: English
