You don’t need to implement all the options I discuss in this post to start seeing tangible results. This post will also become – without the Nedisms and soul-patched bad guy pics – a technical article on next month. I assume you have basic familiarity with Windows, TCP/IP networking, SMB, Kerberos , NTLM, Active Directory Domain Services, & Group Policy. This blog post is for IT Pros and Infosec Red & Blue teams working in organizations, not home users. No distributed system protocol security is foolproof we just want an attacker to move on to easier prey. For the purposes of this blog post though, everything in the middle is an enemy and your goal is to keep your users and organization safe from them. Interception doesn’t always mean attack a packet-inspecting firewall or a WAN accelerator are both examples of friendly intercepting devices. An attacker might be eavesdropping, stealing credentials, or diverting a client to an evil endpoint masquerading as a friendly server. As you know, interception attacks involve manipulating communications between client and server. Today we discuss hardening the SMB protocol in Windows against interception attacks, previously referred to as “Man-in-the-Middle” attacks. Hey folks, Ned here again with another guest post. See the original author and article here.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |