ITCamp 2011 - Paula Januszkiewicz - 10 deadly sins of Windows Administrators

@itcampro / #itcampro Premium conference on Microsoft’s Dev and ITPro technologies

Paula Januszkiewicz

CQURE: IT Security Auditor, MVP, MCT

http://blogs.technet.com/plwit/

paula@cqure.pl

10 Deadly Sins of Administrators in regards to Windows Security

IT Camp 2011

• Thanks for coming!

• ITCamp is made possible by our sponsors:

http://facebook.com/MVPpress

http://twitter.com/MVPpress

Follow us on:

MVP-Press Training Course

Planning, Deploying and Managing Microsoft Forefront Threat Management Gateway 2010 Available for online purchase: http://www.mvp-press.com

Agenda

Intruduction

Top 10 Sins: From bottom to top

Summary

@itcampro / #itcampro Premium conference on Microsoft’s Dev and ITPro technologies @itcampro / #itcampro Premium conference on Microsoft’s Dev and ITPro technologies

9. Insecure Internet Browsing

Insecure Internet Browsing / Publishing Data

8. Lack of updates @itcampro / #itcampro Premium conference on Microsoft’s Dev and ITPro technologies

7. Lack of Encryption

SMB vs. IPSec

6. WYSI (NOT) WYG @itcampro / #itcampro Premium conference on Microsoft’s Dev and ITPro technologies

Explorer.exe Misinterpretation, BackupRead/ BackupWrite

5. Network Monitoring

Evil WebSite, Files over DNS, Files over ICMP

4. Pirated Software

Malware

3. Lack of Backup Mechanisms

MoveFileEx

2. Lack of Training @itcampro / #itcampro Premium conference on Microsoft’s Dev and ITPro technologies

Image Hijacks

1. Lack

Documentation

PowerShell, Autoruns

Life without passwords…

10. Weak Passwords

Summary

9. Insecure Internet Browsing

8. Lack of Regular Updates

7. Lack of Encryption

6. WUSI (NOT) WUG

5. Lack of Network Monitoring

4. Using Pirated Software

Top 10 List

3. Lack of Backup Mechanisms

2. Lack of Training

1. Lack of Documentation

Be Proactive!

• Infrastructure must be well documented

• Split and rotate tasks between admins

• Use the legal code

• Perform periodical checks – Autoruns

– Kernel Level Files

– Network Traffic

– Processes

Network Layers (In) Security

• http://northamerica.msteched.com/topic/details/SIM314?fbid=cCOEzy8IHuN

Don’t forget!

Get your free Azure pass!

• 30+15 days, no CC req’d

– http://bit.ly/ITCAMP11

– Promo code: ITCAMP11

We want your feedback!

• Win a WP7 smartphone

– Fill in your feedback forms

– Raffle: end of the day

ITCamp 2011 - Paula Januszkiewicz - 10 deadly sins of Windows Administrators

Technology

Transcript of ITCamp 2011 - Paula Januszkiewicz - 10 deadly sins of Windows Administrators

ITCAMP Lync Online-Onpremise Comunidad Office 365

ITCamp - Novidades do windows server 2012

10 Deadly Sins of Administrators about Windows Security Paula Januszkiewicz Penetration Tester, MVP: Enterprise Security, MCT iDesign - CQURE: paula@idesign.net.

ITCamp 2011 - Florin Cardasim - Duplex Communications with WCF and Azure

ITCamp 2011 - Stephen Forte - Kanban

ITCamp 2012 - Paula Januszkiewicz - Stronghold to Strengthen

ITCamp 2013 - Peter Leeson - Intelligent Evolution

ITCamp 2012 - Alessandro Teglia - Community open panel

ITCamp 2011 - Mihai Nadas - Windows Azure interop

Presentation ITCamp 2014 - Intellectual Property in Software

ITCamp 2011 - Mihai Tataran - Migrating to Azure

ITCamp 2012 - Raffaele Rialdi - Introduction to WinRT

ITCamp 2012 - Dan Nicola - Scrum v2

ITCamp 2011 - Adrian Stoian - System Center Configuration Manager 2012

ITCamp 2012 - Mihai Nadas - Tackling the single sign-on challenge

ITCamp 2013 - Florin Cardasim - Windows Azure Mobile Services

ITCamp 2011 - Paul Roman - High Availability for Exchange 2010

ITCamp 2012 - Adam Granicz - Web development with WebSharper in F#

ITCamp 2012 - Florin Cardasim - HTML5 web-sockets

ITCamp 2012 - Ovidiu Beches - Developing SharePoint 2010 and Silverlight web parts