What’s Next?

We’ve covered some of the basic Windows defenses we should have in place. We’ve also seen how some of the more generic advice from earlier in the book (patch as soon as possible, make attacks noisier) shows up again in this chapter.

What can an attacker do if all these defenses are in place? Bypass them. We’ll take a look at phishing and what to do about it in our next chapter.

Footnotes

[105]

https://github.com/gentilkiwi/mimikatz

[106]

https://www.sans.org/reading-room/whitepapers/testing/pass-the-hash-attacks-tools-mitigation-33283

[107]

https://technet.microsoft.com/en-us/mt227395.aspx

[108]

https://support.microsoft.com/en-us/help/299656/how-to-prevent-windows-from-storing-a-lan-manager-hash-of-your-passwor

[109]

https://www.ncsc.gov.uk/guidance/password-guidance-simplifying-your-approach

[110]

https://pages.nist.gov/800-63-3/

[111]

https://haveibeenpwned.com/

Copyright © 2019, The Pragmatic Bookshelf.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.134.90.44