With an understanding of how black-hat hackers escalate a user's privileges, system administrators are better prepared to protect their own systems. In this video, Lisa Bock shows a few ways to defend against privilege escalation and lock down a Windows computer. Keep malicious parties out without interrupting service to intended users.
- [Voiceover] Once a hacker has escalated privileges to the administrator level, a great deal of damage can be done. Therefore, the goal is to be vigilant and defend against privilege escalation. We have some best practices; let's talk about a few of those. Restrict interactive login privileges. Now, instead of using just a password, we might want to require multi-factor authentication, meaning a password and possibly a smart card. You also might require that they log in only at certain machines, and not remotely.
While running any routine services, administrative privilege is not required. So run any routine service with an unprivileged or non-administrative account. That way, if a malicious program were to take over, the damage could be minimalized if running the service as an average user. Always adhere to the principle of least privilege, and give users and applications the least privilege necessary to complete their job requirements.
Protect sensitive data and password files by using encryption. This is another layer to penetrate in order to get to the data. And test operating systems and application coding errors and bugs. Also you want to make sure that we patch our systems regularly. When it comes to the browser, this is where we can have some real vulnerabilities. With our browser, set security settings for Internet Explorer to zero or low.
And monitor the log files. Many times administrators are aggressively logging everything, but the log files really don't mean anything unless someone is monitoring the log files. In addition, sometimes you might be overwhelmed by the sheer amount of alerts and notifications, and you might miss something. And the last thing is security education, training, and awareness. This is still very important, because employees continue to fall victim to social engineering and phishing attacks.
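As an added example that is not part of the video or the course material: one way to check the advice about running routine services under unprivileged accounts is to list the services whose logon account is LocalSystem or a direct member of the local Administrators group. The function name `Get-ServicePrivilegeLevel` and the labels it returns are made up for this example; it assumes Windows PowerShell 5.1 or later.

```powershell
# Added example: review which Windows services run with administrative rights.
# Direct members of the local Administrators group (well-known SID S-1-5-32-544).
# Assumption: nested domain-group membership is not expanded here.
$adminMembers = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    ForEach-Object { $_.Name.ToLowerInvariant() }

# Hypothetical helper: classify a service logon account (Win32_Service.StartName).
function Get-ServicePrivilegeLevel {
    param([string]$StartName)

    if ([string]::IsNullOrWhiteSpace($StartName)) { return 'Unknown' }
    $account = $StartName.ToLowerInvariant()

    # Built-in service identities.
    switch -Regex ($account) {
        '^(localsystem|nt authority\\system)$'          { return 'High (LocalSystem)' }
        '^nt authority\\(localservice|networkservice)$' { return 'Low (built-in)' }
    }

    # ".\name" is a local account; expand it to COMPUTER\name for comparison.
    if ($account.StartsWith('.\')) {
        $account = ($env:COMPUTERNAME + $account.Substring(1)).ToLowerInvariant()
    }

    # Accounts given in user@domain form will not match and fall through to Review.
    if ($adminMembers -contains $account) { return 'High (Administrators member)' }
    return 'Review (custom or virtual account)'
}

# List enabled services that run with administrative rights.
Get-CimInstance -ClassName Win32_Service |
    Select-Object Name, State, StartMode, StartName,
        @{ Name = 'Privilege'; Expression = { Get-ServicePrivilegeLevel $_.StartName } } |
    Where-Object { $_.Privilege -like 'High*' -and $_.StartMode -ne 'Disabled' } |
    Sort-Object Privilege, Name |
    Format-Table -AutoSize
```

Many built-in Windows services legitimately run as LocalSystem, so the output is a review list rather than a list of faults; third-party and in-house services are the usual candidates for moving to an unprivileged account.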
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks