This is a “lecture-style” training presentation combined with the advent of “Remote Dog and Pony Show” server access to illustrate real, live, in-production server and DMZ configurations currently deployed on active business networks, in addition to standard presentation materials. As such, there are no hardware requirements for attendees. However, we recommend that you bring your own wireless capable laptop system pre-configured with XP and/or Vista with your choice of virtual machine environments so that you can participate in in-class configurations changes. Internet access will be available, but only once you have proven yourself worthy for us to create the firewall rules needed to let you out. You should come ready to learn, and ready to participate in a typically fast-paced course with an open mind and a willingness to think differently. Some level of social skills coupled with a sense of humor is a definite plus.
Black Hat Europe 2008 Briefings and Training
Moevenpick Hotel Amsterdam City Centre, the Netherlands • 25-26 March
Microsoft Ninjitsu: Black Belt Edition
Timothy Mullen, NGSSoftware
This "Developed for Blackhat" training is the only one of its kind, and is an absolute must for anyone responsible for securing Microsoft installations. This course combines the most popular aspects of Tim Mullen's "Microsoft Ninjitsu and ISA Ninjistu" training sessions into an intense two day training that runs the gamut of securing Microsoft deployments from infrastructure applications of IPSec and Group Policy to the secure publication of SQL data into your DMZ and the secure provision external services via authentication perimeter DMZ segmentation. Quite simply, it is The Best Damn Microsoft training ever.
Led by industry experts, this class will cover security aspects of Active Directory, Exchange, SQL Server, IIS, as well as ISA Server in the building of secure DMZ structures and Remote Access models. If you deploy Microsoft technologies, this is the training you've been looking for.
What You Will Learn
The core technologies covered and skills you will take back with you from this course include:
Windows Infrastructure Deployment:
Windows Server 2003 (R2) security overview
Security Configuration Wizard
Host Hardening (RRAS Basic Firewall/ICS)
Infrastructure design and Group Policy
Client Security (XP and Vista)
Leveraging Vista within the domain
General configuration tips and tricks
Exchange Server 2003 security techniques/owa
SQL 2005 configuration and security
IIS 6.0 configuration and security
Leveraging ISA Server:
Supported ISA Client Types and Configuration Options
Base ISA Installation and Configuration
Creating Rules and Defining Protocols
Monitoring and Logging
Troubleshooting and Maintenance
Secure VPN/RRAS configurations
Secure wireless deployments
DMZ topologies and deployment
Authenticated perimeter network topologies
ISA Xtreame: Least Privilege Intranet Firewall Segments
And much, much more.
Who Should Attend?
The main goal is to help students understand contemporary malware techniques, enable them to see the “bigger picture” over technical details and show possible approaches to compromise detection. Thus the course is primarily targeted for developers of security products, forensic investigators, pen-testers and OS developers.
Basic knowledge of OS design and implementation (specifically Windows), C programming, at least basic experience with debugging and ability to understand fragments of assembler code (IA32 architecture).
Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.
has been educating and training users in the technology sector since 1983 when he began teaching BASIC and COBOL through a special educational program at the Medical University of South Carolina (while still a high school senior). He then launched his professional career in application development and network integration in 1984. Mullen is now Vice President of Consulting Services for NGSSoftware, an international security software and consulting firm, and world leader in vulnerability discovery and research. Timothy Mullen has developed and implemented Microsoft networking security solutions for institutions like the US Air Force, Microsoft, the US Federal Courts, regional power plants, and international banking/financial institutions. He has developed applications ranging from military aircraft statistics interfaces and biological aqua-culture management to nuclear power-plant effects monitoring for private, government, and military entities.
Mullen has been a columnist for Security Focus' Microsoft section, and is a regular contributor of InFocus technical articles. Also known as “Thor,” he is the founder of the "Hammer of God" security co-op group. Mullen’s writings appear in multiple publications such as Hacker’s Challenge, the Stealing the Network series, and in Windows XP Security. His security tools, techniques and processes have been featured in Hacking Exposed and New Scientist Magazine, as well as in national television newscasts and technology broadcasts. His pioneering research in “strikeback” technology has been cited in multiple law enforcement and legal forums, including the International Journal of Communications Law and Policy.
Mullen holds MCSE certifications in all recent Microsoft operating systems, has completed all Microsoft Certified Trainer curriculums and is a Microsoft Certified Partner. He is a member of American Mensa, and has recently been awarded the Microsoft “Most Valuable Professional” (MVP) award in Windows Security for the third straight year.