Posts Tagged Pass-the-Hash

Fixing Pass The Hash and 14 Other Problems

A combined solution to 15 different serious problems with password-based authentication, including the Pass-The-Hash (PTH) attack. No other measures come close to solving all these problems, and for many of the problems, I am unaware of any other solution at all. Sadly, both Microsoft and other security researchers did not really consider this solution or discounted it as unrealistic. The objections either showed flaws with implementing only half a solution or assumed that legacy equipment or implementation difficulties will doom the project, due to a focus on what a large enterprise would be likely to implement with minimal effort right now. It reminds me of an immigration debate that focuses on people who are already here, paying less attention to future immigrants only to find that 30 years later, what happened to the future immigrants is all that mattered. Here are the objections, and why they should not stop you.


Breaking and Building a Secure Network – BSides San Antonio

This past weekend I gave a talk at BSides San Antonio titled “Pigs Don’t Fly – Why owning a typical network is so easy, and how to build a secure one.” I took a top-down look at the security barriers in a typical organizational network, the many techniques attackers use to break them, and how […]
