IPSec in a Windows 2000 World presented at BlackHatWindows 2001

by Rooster , Dan Kurc, William Dixon,

Summary : Windows 2000 has brought many new tools and techniques to the realm of security , one of which is IPSec. This session will examine IPSec from the basics down to the packet-by-packet nuts and bolts. We will be breaking the talk into several distinct sessions.
* Protocol basics, including IPSec, Kerberos, Certificates and PKI, and L2TP
* Detailed discussion of the IPSec architecture, protocol, and IKE
* W2k Implementation
* Deployment issues in a W2k infrastructure
* Demonstration of a working IPSec cross-platform environment
* Advanced IPSec for Win2k
We will be thoroughly discussing the IPSec protocol itself, and then exactly how Win2k implements the specifications. Also a demo will be provided to demonstrate a Win2k IPSec host communicating with a Linux machine running Free S/WAN.
Some of the important issues discussed for Win2k include, performance, protocol overhead, and interaction with Active Directory.
A detailed knowledge of TCP/IP at a protocol level will be valuable to get the most out of this presentation.
Rooster has been involved with computer security in one form or another since the mid 80's. Currently working for a software development company, he is responsible for product security. With specialties in Layer 3 and networking services, Rooster has been involved in many aspects of IT infrastructure and product development.
Dan is currently a tools developer for an audit and penetration team for a fortune 500 company. His job responsibilities include network and platform security design, review and auditing for a large, multiple property environment.
William Dixon is the program manager for Network Security, which includes Internet Protocol Security (IPSec), for the Windows Networking Division at Microsoft. He holds bachelors and masters in computer science from the University of Virginia School of Engineering, and had 10 years experience as a software developer and project lead both for commercial business and US DoD applications prior to Microsoft.
Their Presentation! (PowerPoint Zipped 2,892k)