Black Hat Digital Self Defense Federal 2006

Note: if the class is overfilled, then you will be wait-listed. You will be contacted should this occur.


Black Hat Federal Training 2006
Sheraton Crystal City • January 23-24

Course Length: 2 days

Cost: US $2000 by January 1, 2006 or US $2200 after January 1, 2006
All course materials, lunch and two coffee breaks will be provided. NOTE: A Certificate of Completion will be offered. You must provide your own laptop.


Two Day Course

January 23-24

Microsoft Ninjitsu: Securely Deploying MS Technologies

Timothy Mullen
What to bring:
Students should bring their own wireless (802.11b) network-ready laptops (with CD) preferably running Windows XP- and an open mind.

A CD will be provided with reference material, sample code, and utilities. Where possible, students should pre-install VMWare images of Win2k3 Server and associated software applications should they wish to participate in and experiment with “live” configuration changes.

This course covers a substantial amount of material for many different Microsoft applications and technologies in relatively short period of time. Students should expect a wide range of topics and a quick pace.

Redesigned and updated. This class has been re-designed to contain all-new Windows content.

The key to securing a Microsoft infrastructure is to build security into the foundation. When properly configured, the Microsoft suite of technologies can be deployed to provide highly available, reliable, and secure network services.

This intensive two-day course will take you on a journey through the full deployment cycle of the most common Microsoft products, stopping along the way to sniff the packets and secure the route less traveled. If you make it to the end of Day Two in one piece, you will be prepared to snatch the pebble from the Master's palm.

Day One: Infrastructure

  • Win2k3 Server
    • Active Directory Domains and Forests
    • Server Role Wizards
    • New RRAS Options and Basic Firewall
    • Sites and Services
    • Group Policy and Organizational Units
    • Certificate Services
    • Remote Desktop/Terminal Services
  • Client Configuration
    • Leveraging XP Pro Clients
    • Security Policies
    • System Restrictions
    • Software Restrictions
    • Encryption and IPSec
  • Exchange 2003
    • Setup and Configuration
    • Default protocols: HTTP, SMTP, POP3, IMAP
    • Multiple sites
    • OWA 2003/Front and Backend Servers
    • Comparison to Win2k3 SMTP/POP3 built in services
  • SQL Server 2000
    • Setup and Configuration (on Win2k3)
    • Authentication Modes
    • SQL Server/Agent Service Security Contexts
    • Client/Process data access and best practices
    • Auditing Tools
  • IIS 6
    • Setup and Configuration
    • ISAPI extensions and application mapping
    • HTTPS Configuration and Certificates
    • IIS Lockdown / URL Scan
    • Security Overview and Default Configurations

Day Two: Deploying Internet Services

  • ISA Server
    • Setup and Configuration on Win2k3
    • Packet Filters and Protocol Rules
    • Policy Elements (Address Sets, Authentication, Schedules)
    • Application Filters
    • Web, Firewall and Secure NAT Clients
  • Publishing Services
    • Web Publishing
    • Publishing Exchange Services (SMTP, POP3, etc)
    • 3rd Party SMTP Gateway Solutions and Filtering
    • Publishing Multiple OWA Sites Securely
    • Feature Pack 1 enhancements
    • Publishing Terminal Services, Alternate Port Configuration, and TS Web
  • Remote Access
    • RAS and Routing Service Configuration
    • Client VPN Setup
    • Point-to-point ISA VPN Servers
  • ISA Server DMZ Scenarios
    • Poor Man’s DMZ
    • Back-to-Back ISA Server configurations and setup
    • DMZ deployment of web/data/mail scenarios

Note that aspects of Day Two, "Deploying Internet Services" may be integrated into Day One’s "Infrastructure" material as required where relevant.

Students are eligible to receive 16 Continuing Professional Education (CPE) credits upon completion of class. Black Hat will automatically forward your information to ISC2.

Course Length: 2 days

Cost: US $2000 by January 1, 2006 or US $2200 after January 1, 2006
All course materials, lunch and two coffee breaks will be provided. NOTE: A Certificate of Completion will be offered. You must provide your own laptop.



Timothy Mullen has been educating and training users in the technology sector since 1983 when he began teaching BASIC and COBOL through a special program at the Medical University of South Carolina while still a senior in high school. Launching his professional career in application development and network integration in 1984, Mullen is now CIO and Chief Software architect for AnchorIS.Com, a developer of secure enterprise-based accounting solutions. Mullen has developed and implemented Microsoft networking and security solutions for institutions like the US Air Force, Microsoft, the US Federal Court systems, regional power generation facilities and international banking/financial institutions. He has developed a myriad of applications from military aircraft statistics interfaces and biological aqua-culture management to nuclear power-plant effects monitoring for private, government, and military entities. Timothy is currently being granted a patent for the unique architecture of his payroll processing engine used in the AnchorIS accounting solutions suite.

Mullen has been a columnist for Security Focus' Microsoft section, and is a regular contributor of InFocus technical articles. A.k.a. “Thor,” he is the founder of the "Hammer of God" security co-op group. Mullen’s writings appear in multiple publications such as Hacker’s Challenge and the Stealing the Network series, technical edits in Windows XP Security, with security tools and techniques features in publications such as the Hacking Exposed series and New Scientist magazine.

Mullen is a member of American Mensa, and has recently been awarded the Microsoft “Most Valuable Professional” award in Windows Security. 

Black Hat Logo
(c) 1996-2007 Black Hat