Black Hat Digital Self Defense Japan 2006


Black Hat Japan Training 2006
Keio Plaza Hotel Tokyo • 3-4 October 2006

Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.

Black Hat Registration

Microsoft Ninjitsu: Securely Deploying MS Technologies

Timothy Mullen

What to bring:
Students should bring their own wireless (802.11b) network-ready laptops (with CD) preferably running Windows® XP- and an open mind. A CD will be provided with reference material, sample code, and utilities.

Where possible, students should pre-install VMWare images of Win2k3 Server and associated software applications should they wish to participate in and experiment with "live" configuration changes.

This course covers a substantial amount of material for many different Microsoft applications and technologies in relatively short period of time. Students should expect a wide range of topics and a quick pace.

Redesigned and updated. This class has been re-designed to contain all-new Windows content.

The key to securing a Microsoft® infrastructure is to build security into the foundation. When properly configured, the Microsoft suite of technologies can be deployed to provide highly available, reliable, and secure network services.

This intensive two-day course will take you on a journey through the full deployment cycle of the most common Microsoft products, stopping along the way to sniff the packets and secure the route less traveled. If you make it to the end of Day Two in one piece, you will be prepared to snatch the pebble from the Master's palm.

Day One: Infrastructure

Win2k3 Server

  • Active Directory domains and forests
  • Server role wizards
  • New RRAS options and basic firewall
  • Sites and services
  • Group policy and organizational units
  • Certificate services
  • Remote desktop/Terminal services

Client Configuration

  • Leveraging XP Pro clients
  • Security policies
  • System restrictions
  • Software restrictions
  • Encryption and IPSec

Exchange 2003

  • Setup and configuration
  • Default protocols: HTTP, SMTP, POP3, IMAP
  • Multiple sites
  • OWA 2003/front and backend servers
  • Comparison to Win2k3 SMTP/POP3 built in services

SQL Server 2000

  • Setup and configuration (on Win2k3)
  • Authentication modes
  • SQL server/agent service security contexts
  • Client/process data access and best practices
  • Auditing tools


  • Setup and configuration
  • ISAPI extensions and application mapping
  • HTTPS configuration and certificates
  • IIS lockdown / URL scan
  • Security overview and default configurations

Day Two: Deploying Internet Services

ISA Server

Publishing Services

  • Web publishing
  • Publishing Exchange services (SMTP, POP3, etc)
  • 3rd Party SMTP gateway solutions and filtering
  • Publishing multiple OWA sites securely
  • Feature Pack 1 enhancements
  • Publishing terminal services, alternate port configuration, and TS Web
  • Setup and configuration on Win2k3
  • Packet filters and protocol rules
  • Policy elements (Address Sets, Authentication, Schedules)
  • Application filters
  • Web, firewall and secure NAT clients

Remote Access

  • RAS and routing service configuration
  • Client VPN setup
  • Point-to-point ISA VPN servers

ISA Server DMZ Scenarios

  • Poor Man’s DMZ
  • Back-to-Back ISA Server configurations and setup
  • DMZ deployment of web/data/mail scenarios

Note that aspects of Day Two, "Deploying Internet Services" may be integrated into Day One’s "Infrastructure" material as required where relevant.


Timothy Mullen has been educating and training users in the technology sector since 1983 when he began teaching BASIC and COBOL through a special program at the Medical University of South Carolina while still a senior in high school. Launching his professional career in application development and network integration in 1984, Mullen is now CIO and Chief Software architect for AnchorIS.Com, a developer of secure enterprise-based accounting solutions. Mullen has developed and implemented Microsoft networking and security solutions for institutions like the US Air Force, Microsoft, the US Federal Court systems, regional power generation facilities and international banking/financial institutions. He has developed a myriad of applications from military aircraft statistics interfaces and biological aqua-culture management to nuclear power-plant effects monitoring for private, government, and military entities. Timothy is currently being granted a patent for the unique architecture of his payroll processing engine used in the AnchorIS accounting solutions suite.

Mullen has been a columnist for Security Focus' Microsoft section, and is a regular contributor of InFocus technical articles. A.k.A. “Thor,” he is the founder of the "Hammer of God" security co-op group. Mullen’s writings appear in multiple publications such as Hacker’s Challenge and the Stealing the Network series, technical edits in Windows XP Security, with security tools and techniques features in publications such as the Hacking Exposed series and New Scientist magazine.

Mullen is a member of American Mensa, and has recently been awarded the Microsoft “Most Valuable Professional” award in Windows Security. 

Black Hat Registration

Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.


Early Bird:
Ends 15 September 2006

Ends 30 September 2006

Begins 3 October 2006

$2700 USD

$3100 USD

$3500 USD

Black Hat Logo
(c) 1996-2006 Black Hat