Pre-empting Pass-the-Hash Attacks on Windows Systems

Webinar Registration

Pass-the-Hash risks are just not something you can harden out of your servers or patch your way out of. This is because:

Pass-the-hash attacks are based on some fundamental realities about passwords
The vast number of places password data is stored either temporarily or permanently
Some poor design decisions made long ago and deep within Windows security
The realities of the stack/heap memory model of today's operating systems and application

As long as we use passwords we will be vulnerable to pass-the-hash in some way, shape or form – even if in a purely Kerberos environment.

Traditional pass-the-hash defenses center on eliminating as many instances of password hash data as possible, and on making password hash unique from system to system so that there is less opportunity to obtain hashes and to limit a hashes value when it is obtained.

But in this webinar I'm going to take a step back, walk upstream a ways, and point out a very simple requirement that all pass-the-hash attacks have: the ability to run arbitrary code.

If we can deny attackers that ability we can stop pass-the-hash attacks from ever being attempted.

More importantly consider the fact that pass-the-hash is just one of many, many different attacks used by outsiders to breach our networks and steal information.

But they all depend on the ability to run arbitrary code. Stop arbitrary code and you not only stop pass-the-hash you pre-empt countless other attacks. In this webinar I'll explore the native Windows and 3rd party technologies available to prevent arbitrary code from executing on your endpoint servers and workstations. We will look at Software Restriction Policies and AppLocker. You will learn what works and what doesn't.

Lumension is the perfect sponsor for this webinar thanks to the highly intelligent arbitrary code prevention technology in their Lumension Endpoint Management and Security Suite which Chris Merritt will briefly discuss.

Stopping arbitrary code is like launching a continuous pre-emptive strike against attackers that deny them their #1 requirement.

Don't miss this real training for free ™. Please register now!

First Name:	Required
Last Name:	Required
Work Email:	Required Invalid email address
Phone:	Required
Organization:	Required
Country:	Required
City:	Required
State:	Required
Zip/Postal Code:	Required
Number of Employees?:	RequiredRequired
Job Title?:	RequiredRequired
Industry?:	RequiredRequired
	Your information will be shared with the sponsor. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor. Tweet

Upcoming Webinars

Additional Resources

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.