Passwords In Corporate Networks presented at SOURCE Barcelona 2010

by Carric Dooley (Foundstone), Simon Roses Femerling ( Microsoft ),

Tags: Security Others Firewall Exploitation


Summary : Passwords are the oldest and most common security mechanism for computer systems and still many companies fail to secure them today. For any given security assessment you can find all types of risks such as weak or blank passwords, forgotten administrators accounts, well-known accounts with default passwords and much more. This talk will present common mistakes on how companies manage passwords, how to find them and to abuse them based on the authors experience on performing security assessment for all types of companies both in the public and private sectors.
We will describe techniques and tools to help hunting for passwords in corporate networks in an easy and fast way.

Simon Roses Femerling: Simon Roses Femerling works at ACE Services from Microsoft providing security services across Europe. Former PriceWaterhouseCoopers and @Stake. He has many years of security experience where he has authored and cooperated in several security Open Source projects and advisories as OWASP Pantera. Mr Roses is natural from Mallorca Island in the Mediterranean Sea. He holds a postgraduate in E-Commerce from Harvard University and a B.S. from Suffolk University at Boston, Massachusetts.