A351 - Hacking a Domino Infrastructure and Countermeasures
volgende
|
vorige
Duur:
5.0 dagen
Kosten:
2250 euro
Aanvangsdata
:
Bel +31 33 43 43 900
Doelgroep:
This course is intended for System Administrators and IT Specialists, who want to audit and enhance the security of a Domino Infrastructure.
Korte omschrijving:
Lotus Domino seems to be a very stabile and secure Client Server Platform and is used widely a Web bases Application Server. Insecure configuration of the network and the Domino Infrastructure can cost your company millions of dollars.
This course teaches techniques which hackers use to break in into a Domino Server Infrastructure and how they gain illegal access to Company sensitive data. By learning what hackers know you will be able to defend your organization against a wide form of attacks.
Deelname-voorwaarde(n):
Basic Knowledge of networking technologies topology's and protocols, (for example:TCP/IP, HTTP, SMTP). Knowledge of Database and Messaging Administration (for example: SMTP) would be a benefit. In Addition the students should have minimum 1 year experience with the Administration and Implementation of a Domino Infrastructure. Basic skills of Developing Domino Applications would also be helpful.
Two other critical areas presented in this course are Intrusion Detection and Incident Response. As the names imply, these two areas address the tools and techniques designed to give you the advantage of being prepared to deal with hacks if and when they occur.
Being able to detect a hack and having a response plan in place will greatly improve your security awareness and further reduce your vulnerability. This course is delivered by senior practicing security consultants, who bring real world experience to the classroom.
Duur:
5 days
Doel:
Inhoud:
The Problem IT Security in our global world
History of Hacking
The Development of hacking
Development of Hacking - Who is He?
More about Black Hats
The Steps of a Successful Hack
Stay Anonymous
What is a Proxy Server
Cookies
FTP Transfers
SSL
Anonymous Remailers
spy ware
Avoiding Spyware
Cleaning Tracks
Finding Information about your Target
Fingerprinting
Ping Attacks
Whois
Legion v2.1 Windows Scanner
NMAP the standard of Fingerprinting
Winfingerprint
GFI LANGUARD
Our Target Hosts who are they?
LAB Fingerprinting the Intranet
Social Engineering
Social Engineering by Phone
Social Engineering via snail mail
Social Engineering via Internet
Social Engineering in person
Dumpster Diving Garbology
Portscanning
Portscanning How to Use this information
Portscanning , How to protect yourself
Finger
Sniffing
How does it eavesdrop on network traffic
What components are used for sniffing
Protection with configuration?
NAT RFC 1918
Proxies
Firewalls
Firewalls Packet Filter based
Load weapons and Fire!
General Attacks to get Domino data
Operating System Attacks!
Operating System Scanners
NetBIOS Shares how to hack them to gain access
NBTSTAT
LAB NBTSTAT
Establishing an IPC$ NULL Session
SID Tools
Net View
What can we learn from this?
What has this to do with Domino?
LAB Establishing a IPC$ NULL Session to map a share
Password Cracking what is it
How to Crack Passwords
Directory Attacks
Brute Force Attacks
Password Cracking an Example
Encryption
Symmetric Encryption
Asymmetric Encryption
DoS Attacks
DoS Attacks Examples
Some Famous DoS Attacks
Ping of Death
Synflooding
Buffer Overflows
DDoS (Distributed Denial of Service)
Trojans
Trojans Windows
Trojans UNIX
Transitive Trojan
Trojans Windows Demo Netbus
Using Netbus against your target
Computer Viruses
Viruses
Worms
Viruses Morris Worm
Mellissa Worm
Defacing of Web Sites
Attacking a Domino Server
Positioning Domino / Notes
Who is using Notes?
Why do people use Notes?
Attacking a Domino Server Using the Notes Client
RSA encryption
ID Files
Notes Authentication
Domino Security Model
Server Security
Former Employees
Controlling Server Access
Testing Administrative Access
Server Security Agent Security
Database Security
Database Security ACL
Tighten Security by Assigning a User Type
Hacking Domino Databases with Unspecified User Types
Refine Database Access
Advanced Settings
Database Security
ACL Scan
Managing the ACL of the Domino Directory
Design Security
View Access Lists
Form Access Lists
Form Formulas
Public Access Lists
Public Access Forms
Document Access Tools
Reader Access List for a Form
Reader Fields
Author Fields
Combining Reader and Author Fields
Domino Field Security
Field Encryption
Programming Considerations
@UserRoles
@ClientType
Partners in Securing a Domino Application
Hacking a Mail File
Workstation Security
Stored Forms
Stored Forms Attack on a Mail Database
Execution Control List (ECL) the secret to stop this
Changing the settings of the ECL
ECL Options
ECL Options Java
ECL Options Java Script
Common ECL Problems
ECL and External Code
Unclear User Preferences
Attack User ID sharing
What can you Do against Stored Form Attacks
Attacking a Domino Server via HTTP
Web Users
Basic Web authentication
Is Basic Authentication Secure?
User Authentication
Session Authentication
Enable Session Authentication
Anonymous Users
Anonymous access to servers
Anonymous access to databases
Differentiating Default and Anonymous access
Controlling database access by anonymous users
How Domino Databases work with the Web
Notes Databases and the Domino Web Server
Domino URL Syntax
URL Syntax
URL Attacks
Commands which act on a View
Commands which act on Documents
Special Database Objects
Database Structure Enumeration
Enumerating Documents
By-passing ACL's set on views
Features of Domino that lead to security vulnerability
Catalog.nsf
Webadmin.ntf
Hacking the Domino Directory
How can I restrict Hidden Views from the Web
Hashed Internet passwords
Cracking a Domino http password
Hacking other Databases using Catalog.nsf
Other Default ACLs that could be dangerous
Other Databases which are open by Default
General Information Leakage
Using DOMLock from the Web to check Web Site Security
Recommendations
Upgrading to Strong Password Hash
Real Life Easy to Hack Examples in the Net
How does a hacker finds Domino Server
That's how they hack it!
Known Domino DoS Attack Vulnerability
Lotus ESMTP Service vulnerable to DoS
Remote code execution vulnerability in Lotus Domino ESMTP Service (rcpt to, saml, soml)
Buffer overflow in Lotus Domino SMTP Server (ENVID
Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root
Buffer overflow in Lotus Domino SMTP Server (Exploit)
Buffer overflow in Lotus Domino SMTP Server
Lotus Domino Multiple DoS (Header, Unicode, DOS-device, Cobra
Domino LDAP Attack
C API Program Can Extract File Attachments from Documents Regardless of Reader Name Access Controls
Lotus Domino Vulnerable to Patch Revealing Attack
Lotus Domino DoS (Message Loop)
Lotus Domino Web server DOS-device Denial of Service
Lotus Domino bindsock Notes_ExecDirectory buffer overflow vulnerability
Lotus Domino bindsock arbitrary file creation vulnerability
Lotus Domino PATH Buffer Overflow Vulnerability
Buffer Overflow Vulnerability during Authentication to Domino Web Server
Attacking Domino via per Mail
Mail Spoofing
Mail Spoofing Using the Notes Client Built in Feature
Mail Relaying
Mail Bombing
Antivirus Products for Domino
GroupShield for Domino
Installing Groupshield for Domino W32
Securing your Domino Infrastructure
Domino and Firewalls
Basic Functions of a Firewall
What Firewalls cannot do
Firewall Components
Packet Filters
Packet Filter Settings
How Much Protection Do Packet Filters Offer?
What packet Filters cannot do
Bastion Hosts
Proxy Services
Gateway Services
System Protection, Logging and Auditing
Domino and Firewalls
Screened Host Firewall
Application-Level Firewalls
Dual Homed Host Firewall
The Demilitarized Zone (DMZ)
Notes and Domino Services
Proxies Supported by Domino
Real World Examples Using Notes and Domino and Firewall Configurations
Wormholes and Replication
NRPC Services: No Firewall, No Proxy
Dial-up Internet Connection
Browsing with Proxies and Firewall
SSL Browsing with Proxies and Firewall
Notes Client Access Using the HTTP Tunnel Proxy
Browsing Using the Web Retriever, Proxies, and Firewalls
Mail Routing using Dial-Up NRPC
SMTP Mail Routing Using a Firewall
Domino Replication Using a Proxy and a Firewall
Domino Replication Using Multiple Proxies
Multi-Hop Domino Replication with Proxies and Firewall
Firewall Using Network Address Translation
Domino and Notes Proxy Configurations
Domino Configuration
Notes Client Proxy Configuration
Securing your Infrastructure using Secure Sockets Layer
What is SSL
How SSL Operates
The SSL Handshake
The SSL Record Protocol
Export Restrictions on Encryption Keys
SSL Deployment Considerations
Server Authentication
Client Authentication
Certifying Authorities
What Is the X.509 Standard?
X.509 Certificate Content
Domino and SSL
Benefits of SSL transactions
What is S/MIME?
Sources for Internet certificates
The Role of the (Certificate Authority) CA
Domino vs. external CA
External Certificate Authority
Internal Certificate Authority
Setting Up the Domino Certificate Authority
Tasks to Set up a internal Domino CA
Setting up SSL on the Domino Server
Setting Up the Server Certificate Administration Database
Key Ring File
CA Key Ring
Server Key Ring
Setting Up Your Domino Server as an Internal Root CA
Configure your Server Internet Ports
Setting up Client Authentication
Secure Internet Authentication
Setting up Server authentication
Client Authentication
Setting up Client Authentication
Client Authentication for Notes Clients
Intruder Detection and Recovery
What is Intruder Detection
Network Based IDS
Host Based IDS
Snort a Free NIDS Tool
Domino Based Intruder Detection
Domino Logging
What does the DOMLOG.NSF log?
Enabling Domino Logging on the Webserver
Creating Agents to send Security Alerts
Creating a Lightweight IDS for Domino Servers
HoneyPot Networks for Forensics
Introduction to Honey Pots
Honey pot Goals
Commercial Honeypots
Worth the Risk and Effort?
Example Honeynet Generation I
Example Honeynet Generation II
Virtual Honeynets
AppliGate Consultancy BV
Plesmanstraat 6a
Postbus 122
3830 AC Leusden
Netherlands
Tel. +31 (0)33 43 43 900
Fax. +31 (0)33 43 43 909
info@appligate.nl
