Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Watching the Watchdog - Protecting Kerberos Authentication With Network Monitoring

Black Hat via YouTube

Overview

Explore advanced techniques for safeguarding Kerberos authentication through network monitoring in this Black Hat conference talk. Delve into the vulnerabilities of the Kerberos protocol, a prime target for APT attackers in Windows-based networks. Examine recent attacks like Golden Ticket, Forged PAC, and Skeleton Key, and learn novel defensive strategies to detect and counter these threats. Discover the "Diamond PAC" attack variant and its evasion techniques. Gain insights into AES vs. RC4 key derivation, TGT integrity, and PAC (Privilege Attribute Certificate) exploitation. Learn about the free "Kerberos Leash" tool, designed to implement cutting-edge detection techniques for enhanced network security.

Syllabus

Watching the Watchdog Protecting Kerberos
Why do Attackers Target Kerberos?
Kerberos: Stealing
The attack campaign • Attackers installed a malware on DC to authenticate as any user by using a secret password
AES vs. RC4: Key Derivation
Attacker + RC4
The Skeleton Key Malware: Kerberos
Skeleton Key Malware Detection
PAC (Privilege Attribute Certificate)
TGT Integrity
Let's Play Spot the Difference
Golden Ticket in the Wild
Diamond PAC exploit
Questions?

Taught by

Black Hat

Reviews

Start your review of Watching the Watchdog - Protecting Kerberos Authentication With Network Monitoring

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.