October 2008 Archives
Today was finally able to take the time to look at the Tech Ed 2008 (Tech·Ed North America 2008 IT Pros) sessions from back in June. Lots of good stuff here on security. There are 3 links below. The first requires that you have a Windows Live ID login. The second should just open in your video player.
You can browse or download more of the sessions from here:
http://technet.microsoft.com/en-us/events/teched/cc561184.aspx
Windows Security Boundaries
In this session, learn what constitutes a security boundary; get a tour through core Windows technologies, including user sessions, Code Integrity, PatchGuard, Service Security Hardening, and User Account Control, to learn where Windows currently defines such boundaries; and gain insight into why application compatibility and user experience make defining boundaries much more difficult than it might seem. Speaker: Mark Russinovich (session SEC372).
At 55:25, he starts discussing Vista's UAC.
http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=993
A Hackers Diary: How I Can Hack Your Vulnerable Services and How You Can Stop Me
This live session demonstrates how a hacker will try to exploit vulnerable applications in order to compromise remote systems and how you can defend yourself from such attacks. Marcus Murray of the TrueSec Security Team exposes the latest and greatest in exploitation frameworks using live demonstrations and at the same time demonstrates and talks about countermeasures that are effective in the real world. The countermeasures discussion includes a step-by-step-approach using the latest technology from Microsoft, as well as the processes needed for a successful security implementation. Speaker: Marcus Murray (session SEC354).
http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=989
His notes from the session are on his blog. From 42:00 to 45:00 you get a chilling warning of why hacker's hack and why we should be upgrading to up-to-date software. It is inherently more secure than old software.
.
Windows Logins Revealed
Every day we log into our Windows systems. But what really happens when we do? How DO our workstations and our domain controllers exchange logon information without revealing our passwords? Security hardening guides talk about how scary old-style LM, NTLM and NTLMv2 logons are, but why EXACTLY do they say that--particularly when it's practically impossible to keep all of the old-style logins from happening even in the most modern network? How DOES AD's favorite logon protocol, Kerberos, work? Join expert Windows explainer and security geek Mark Minasi in an in-depth look at how Windows logins work, how they can not work (and how you can fix them) as well as how to better secure them. After seeing this talk, you will have NO excuses for not tweaking those group policy security settings! Speaker: Mark Minasi (session SEC450).
http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=995
