Watching The Watchdog: Protecting Kerberos Authentication With Network Monitoring

by Tal Be'ery & Michael Cherny

Being the default authentication protocol for Windows-based networks, the Kerberos protocol is a prime target for attackers, especially for APTs attackers, seeking to steal the user's identity and steal secrets from the enterprise's data center.
In late 2014 and early 2015, we saw a lot of research on the attacker side, yielding the Golden Ticket, Forged PAC (MS14-068) and the Skeleton Key attacks. Now it is the time to present the defensive side research. We will expose a novel method of detecting and defeating ALL of these attacks (and others) based solely on network monitoring. We continue to show a novel variant of the Golden Ticket attack, the "Diamond PAC" attack, that is able to evade a naïve network monitoring detection and provide a detection solution for it. The talk includes the release of the "Kerberos Leash" tool - a free tool we developed that implements some of the detection techniques for the benefit of the security community.

Watching The Watchdog: Protecting Kerberos Authentication With Network Monitoring blackhat 2015
6 Likes	6 Dislikes
2,366 views views	117K followers
People & Blogs	Upload TimePublished on 5 Mar 2016

Related keywords

1. infosec news
2. information security manager
3. blackhat asia 2019
4. blackhat 2019
5. infosec twitter
6. blackhat 2018
7. black hat seo technique
8. blackhat europe
9. blackhat badger sekiro
10. black hat x reader
11. black hat cartoon
12. black hat x dr flug
13. cyber securityとは
14. blackhat conference 2019
15. cyber security cloud
16. black hat full movie
17. blackhat badger
18. blackhat forum
19. information security foundation 勉強
20. infosec rotkreuz
21. cyber security framework
22. information security policy template
23. infosecurity utrecht
24. infosec ups system
25. cyber security news
26. cyber security act
27. infosecurity
28. blackhat full movie
29. infosec blog
30. black hat badger
31. information security foundation 参考書
32. information security management system
33. cyber security conference
34. black hat seo
35. cyber security pro
36. black hat movie
37. blackhat imdb
38. infosec podcast
39. black hat cast
40. cyber security pro 新しいネットワークが検出されました
41. cyber security cloud managed rules
42. cyber security measures
43. information security governance
44. infosec global
45. infosecurity europe 2020
46. infosec health
47. infosec magazine
48. information security 日本語
49. infosec 19
50. black hat anime
51. information security foundation
52. infosecurity magazine
53. cyber security tokyo
54. black hat meaning
55. black hatch
56. information security definition
57. information security pdf
58. infosec europe 2019
59. cyber security market
60. infosec institute
61. infosec 2019 london
62. information security foundation 難易度
63. black hatch gamefowl
64. cyber security management system
65. information security certifications
66. blackhat film
67. cyber security pro アンインストール
68. information security specialist
69. cyber security 意味
70. cyber security analyst
71. information security policy
72. black hat usa 2019
73. information security forum
74. information security news
75. infosec conferences
76. information security officer
77. infosekta
78. cyber security japan
79. blackhat trailer
80. information security analyst
81. cyber security university
82. black hat hacker
83. black hat forum
84. cyber security company
85. black hat hacking
86. black hat villainous
87. blackhat conference
88. information security foundation based on iso/iec 27001
89. blackhat usa
90. cyber security report
91. blackhatworld
92. black hat x demencia
93. information security management
94. blackhat cast
95. black hat 2019
96. infosec reactions