7 Minute Security7 Kesä 2017

7MS #261: Blind Network Security Assessments

This week I had the fun opportunity to do a "blind" network security assessment - where basically we had to step into a network we'd never seen before and make some security posture recommendations. I've found that the following software/hardware is quite helpful for this type of assessment:

The PwnPulse helps a ton in scanning wired and wireless networks...and even Bluetooth! I've covered the Pulse in past episodes - check out part 1 and part 2.
Network Detective will do a ton of helpful Active Directory enumeration and point out potential red flags, such as:
- Accounts that haven't been logged into for a long time
- Accounts with passwords that haven't been refreshed in a long time
- Privileged groups that need review (Domain Admins, Enterprise Admins, etc.)
AD policy issues (*warning: by default Network Detective only pulls back a few policies by default. Check out scripts such as my Environment Check to grab a dump of all GPOs.
Thycotic Privileged Account Discovery is a free tool that can crawl AD workstations and enumerate the local administrator accounts on each machine. It makes a good case for implementing LAPS.

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(695)

7MS #79: My Love-Hate Relationship with Nessus

In this episode I talk about one of my favorite vulnerability scanners, Nessus, and why I want to simultaneously hug it and punch it in the neck.

23 Heinä 20157min

7MS #78: It's All About Segmentation

In this episode I advocate for proper network segmentation, as doing it (well and right!) can seriously reduce your risks!

21 Heinä 20157min

7MS #77: OFFTOPIC-Rickrolling Your Coworkers for Fun and Profit

This week i used my Wifi Pineapple to scare and amuse my coworkers and lure them into a Rickroll trap. All the gory details in today's episode!

16 Heinä 20157min

7MS #76: Lessons Learned from LastPass

I know this is a bit late, but I wanted to talk a little about the LastPass breach and why I'll still remain a customer.

14 Heinä 20157min

7MS #75: OFFTOPIC-My Son's Piano Recital

I wanted to share (what I think is) an amusing anecdote about my son's first piano recital, which was topped off by a kid playing the song "Lucky." Many LOLs commenced for me.

9 Heinä 20159min

7MS #74: How to Become a More Organized Information Security Professional

In this episode I share some strategies and apps that may help you stay more organized as you go about your infosec work!

8 Heinä 20158min

7MS #73: PCI Pentesting 101 – Part 2 (audio)

This episode is the exciting continuation of a recent pentest I did, in which I got some serious pwnage, including cracking the domain admin password! 7MS #73: PCI Pentesting 101 – Part 2 (audio)

30 Kesä 20157min

7MS #72: PCI Pentesting 101 (audio)

I’m pumped to talk about an about an awesome, free little tool that made my Internet connection feel like new again. 7MS #72: PCI Pentesting 101 (audio)

25 Kesä 20157min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää