Practical audit advice you can use today.
Consequences of Poorly Deployed Zone Records
Published: 2011-09-12 (Length: 06:00)
What harm is there in having private internal records in your external DNS servers? There are many opinions on this with a number of people saying that there's no real risk involved in exposing this data. In this episode we explore how an attacker could poll your external DNS server to expose this information, what the actual harm could be and how Split DNS solutions solve this problem.
The mapping tool described can be found here: http://it-audit.sans.org/community/downloads
Network Recon without Scanning!
Published: 2011-09-06 (Length: 08:11)
DNS reconnaissance is a powerful way to research an organization's network infrastructure without ever tripping an alarm in the IDS/IPS if you know what you're doing. In this episode we take a look at a few items that should be examined when it comes the DNS configuration and demonstrate the kind of information that can be revealed when the DNS zone information hasn't been properly secured.
Of course, now that you can identify the security issues and know what questions to ask during an audit, you may want to know how you can prevent this problem! Tune in next week for an overview of the solution and things to look for to ensure that your network is properly protected from hackers!
The tool demonstrated here for the reverse network lookup recon is called "ReverseMapper" and can be obtained from http://it-audit.sans.org/community/downloads
Your Network Might Work, But Is It Configured Correctly?
Published: 2011-08-29 (Length: 15:17)
Using a network sniffer like Wireshark is pretty easy to do, but network and security engineers only use a sniffer when they're troubleshooting or investigating. Are there any proactive tests that should be done on a network using a sniffer? Yes!
In this episode we take a look at a few basics about Wireshark and then jump right into a handy process that I often use when working with businesses of any size. It's not unusual to discover that unusual network protocols have crept in over the months and years, or to find that there are potentially serious layer 2 configuration issues creating security holes.
Cool features to make your life easier or harder!
Published: 2011-08-22 (Length: 8:12)
In Windows 7 and Vista, Microsoft seems to have gone out of its way to force us to drill through layers and layers of control panels. In this episode we take a look at a nifty easter egg that allows you to get all of those features and options into one easy to navigate spot!
This same feature, however, can be used to create an awesome local denial of service on Windows Server 2008! Watch the episode and see what the problem is and how to resolve it.
Information on how to exploit this feature can be found in the related show notes: http://it-audit.sans.org/blog/2011/08/22/windows-7-feature-windows-2008-local-denial-of-service/
Automating Your Way to Simpler Auditing!
Published: 2011-08-15 (Length: 19:05)
Powershell is fast becoming the way to perform many administrative tasks in Windows environments today. In this episode we build on the idea of extracting Active Directory User and Group information using DSQuery and DSGet, adding to it the ability to automatically process CSV files using Powershell.
The goal of the episode is to give you a quick and easy tool to allow you to compare the users who actually exist in your domain to the employees that Human Resources says that you have.
A copy of the script can be obtained from the show notes here: http://it-audit.sans.org/blog/2011/08/15/active-directory-user-auditing-automation-powershell/
© 2011, David Hoelzer & EnclaveForensics