Black Hat Digital Self Defense USA 2004

Note: if the class is overfilled, then you will be wait-listed. You will be contacted should this occur.


Black Hat USA Training 2004
Caesars Palace Las Vegas • July 26-27

Course Length: 2 days

Cost: US $2000 on or before July 1, 2004, or US $2200 after July 1, 2004
All course materials, lunch and two coffee breaks will be provided. NOTE: this is a two day course. A Black Hat Certificate of Completion will be offered. You must provide your own laptop.


Two Day Course
July 26-27

Microsoft Ninjitsu: Securely Deploying MS Technologies

Timothy Mullen
What to bring:
Students should bring their own wireless (802.11b) network-ready laptops (with CD) preferably running Windows XP- and an open mind.

A CD will be provided with reference material, sample code, and utilities. Where possible, students should pre-install VMWare images of Win2k3 Server and associated software applications should they wish to participate in and experiment with “live” configuration changes.

This course covers a substantial amount of material for many different Microsoft applications and technologies in relatively short period of time. Students should expect a wide range of topics and a quick pace.

Redesigned and updated. This class has been re-designed to contain all-new Windows 2003 content.

The key to securing a Microsoft infrastructure is to build security into the foundation. When properly configured, the Microsoft suite of technologies can be deployed to provide highly available, reliable, and secure network services.

This intensive two-day course will take you on a journey through the full deployment cycle of the most common Microsoft products, stopping along the way to sniff the packets and secure the route less traveled. If you make it to the end of Day Two in one piece, you will be prepared to snatch the pebble from the Master's palm.

Day One: Infrastructure

  • Win2k3 Server
    • Active Directory Domains and Forests
    • Server Role Wizards
    • New RRAS Options and Basic Firewall
    • Sites and Services
    • Group Policy and Organizational Units
    • Certificate Services
    • Remote Desktop/Terminal Services
  • Client Configuration
    • Leveraging XP Pro Clients
    • Security Policies
    • System Restrictions
    • Software Restrictions
    • Encryption and IPSec
  • Exchange 2003
    • Setup and Configuration
    • Default protocols: HTTP, SMTP, POP3, IMAP
    • Multiple sites
    • OWA 2003/Front and Backend Servers
    • Comparison to Win2k3 SMTP/POP3 built in services
  • SQL Server 2000
    • Setup and Configuration (on Win2k3)
    • Authentication Modes
    • SQL Server/Agent Service Security Contexts
    • Client/Process data access and best practices
    • Auditing Tools
  • IIS 6
    • Setup and Configuration
    • ISAPI extensions and application mapping
    • HTTPS Configuration and Certificates
    • IIS Lockdown / URL Scan
    • Security Overview and Default Configurations

Day Two: Deploying Internet Services

  • ISA Server
    • Setup and Configuration on Win2k3
    • Packet Filters and Protocol Rules
    • Policy Elements (Address Sets, Authentication, Schedules)
    • Application Filters
    • Web, Firewall and Secure NAT Clients
  • Publishing Services
    • Web Publishing
    • Publishing Exchange Services (SMTP, POP3, etc)
    • 3rd Party SMTP Gateway Solutions and Filtering
    • Publishing Multiple OWA Sites Securely
    • Feature Pack 1 enhancements
    • Publishing Terminal Services, Alternate Port Configuration, and TS Web
  • Remote Access
    • RAS and Routing Service Configuration
    • Client VPN Setup
    • Point-to-point ISA VPN Servers
  • ISA Server DMZ Scenarios
    • Poor Man’s DMZ
    • Back-to-Back ISA Server configurations and setup
    • DMZ deployment of web/data/mail scenarios

Note that aspects of Day Two, “Deploying Internet Services” may be integrated into Day One’s “Infrastructure” material as required where relevant.

Course Length: 2 days

Cost: US $2000 on or before July 1, 2004, or US $2200 after July 1, 2004
NOTE: this is a two day course. A Certificate of Completion will be offered.


Timothy Mullen
CIO and Chief Software architect for AnchorIS.Com
Beginning his career in application development and network integration in 1984, Timothy Mullen is now CIO and Chief Software architect for AnchorIS.Com, a developer of secure enterprise-based accounting solutions. Mullen has developed and implemented network and security solutions for institutions like the US Air Force, Microsoft, the US Federal Court systems, regional power generation facilities and international banking and financial institutions. He has developed applications ranging from military aircraft statistics interfaces and biological aqua-culture management, to nuclear power-plant effect monitoring for a myriad of private, government, and military entities.

Mullen is also a columnist for Security Focus' Microsoft section, and a regular contributor of InFocus technical articles. A.k.a. Thor, he is the founder of the "Hammer of God" security co-op group. Mullen’s writings appear in multiple publications such as Stealing the Network and Hacker’s Challenge, technical edits in Windows XP Security, with security tools and techniques features in publications such as the Hacking Exposed series.

Black Hat Logo
(c) 1996-2007 Black Hat