Black Hat Digital Self Defense USA 2006
Training

training

Black Hat USA 2007 Briefings and Training
Caesars Palace, Las Vegas July 28-29 (Weekend) & July 30-31 (Weekday)

Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.

Black Hat Registration

Microsoft Ninjitsu: Black Belt Edition

Timothy Mullen, NGSSoftware
Jim Harrison, Microsoft ISA Sustained Engineering Team
Dr. Tom Shinder, M.D. ISAServer.Org

What to bring:
This is a “lecture-style” training presentation combined with the advent of “Remote Dog and Pony Show” server access to illustrate real, live, in-production server and DMZ configurations currently deployed on active business networks, in addition to standard presentation materials. As such, there are no hardware requirements for attendees. However, we recommend that you bring your own wireless capable laptop system pre-configured with XP and/or Vista with your choice of virtual machine environments so that you can participate in in-class configurations changes. Internet access will be available, but only once you have proven yourself worthy for us to create the firewall rules needed to let you out. You should come ready to learn, and ready to participate in a typically fast-paced course with an open mind and a willingness to think differently. Some level of social skills coupled with a sense of humor is a definite plus. 

This "Developed for Blackhat" training is the only one of its kind, and is an absolute must for anyone responsible for securing Microsoft installations. This course combines the most popular aspects of Tim Mullen's "Microsoft Ninjitsu and ISA Ninjistu" training sessions into an intense two day training that runs the gamut of securing Microsoft deployments from infrastructure applications of IPSec and Group Policy to the secure publication of SQL data into your DMZ and the secure provision external services via authentication perimeter DMZ segmentation. Quite simply, it is The Best Damn Microsoft training ever.

Led by industry experts, this class will cover security aspects of Active Directory, Exchange, SQL Server, IIS, as well as ISA Server in the building of secure DMZ structures and Remote Access models. If you deploy Microsoft technologies, this is the training you've been looking for.

Who Should Attend:
Anyone who takes part in the process of building, designing, supporting, troubleshooting, or administering Microsoft infrastructures, extranets, and Internet deployments of Microsoft products will get measurable value out of this class. Firewall administrators, system engineers, system administrators, and management consultants alike will benefit from the concepts, techniques, tools, and technical saturation into MSFT technologies that this course provides.

Attendants will leave with tangible, applicable, real-world tools and techniques that they can immediately apply to their networks thus increasing their value to their organization and the security community.

What You Will Learn:
The core technologies covered and skills you will take back with you from this course include:

Windows Infrastructure Deployment:

  • Windows Server 2003 (R2) security overview
  • Security Configuration Wizard
  • Host Hardening (RRAS Basic Firewall/ICS)
  • Infrastructure design and Group Policy
  • Client Security (XP and Vista)
  • Leveraging Vista within the domain
  • General configuration tips and tricks
  • Exchange Server 2003 security techniques/owa
  • IPSec Policies
  • Authentication mechanisms
  • SQL 2005 configuration and security
  • IIS 6.0 configuration and security

Leveraging ISA Server:

  • Supported ISA Client Types and Configuration Options
  • Base ISA Installation and Configuration 
  • Creating Rules and Defining Protocols
  • Monitoring and Logging
  • Troubleshooting and Maintenance
  • Secure Publishing
  • Secure VPN/RRAS configurations
  • Secure wireless deployments
  • DMZ topologies and deployment
  • Authenticated perimeter network topologies
  • ISA Xtreame: Least Privilege Intranet Firewall Segments

And much, much more.

What You Should Bring:
This is a “lecture-style” training presentation combined with the advent of “Remote Dog and Pony Show” server access to illustrate real, live, in-production server and DMZ configurations currently deployed on active business networks, in addition to standard presentation materials. As such, there are no hardware requirements for attendees. However, we recommend that you bring your own wireless capable laptop system pre-configured with XP and/or Vista with your choice of virtual machine environments so that you can participate in in-class configurations changes. Internet access will be available, but only once you have proven yourself worthy for us to create the firewall rules needed to let you out. You should come ready to learn, and ready to participate in a typically fast-paced course with an open mind and a willingness to think differently. Some level of social skills coupled with a sense of humor is a definite plus. 

Trainer:

Timothy Mullen has been educating and training users in the technology sector since 1983 when he began teaching BASIC and COBOL through a special educational program at the Medical University of South Carolina (while still a high school senior). He then launched his professional career in application development and network integration in 1984. Mullen is now Vice President of Consulting Services for NGSSoftware, an international security software and consulting firm, and world leader in vulnerability discovery and research. Timothy Mullen has developed and implemented Microsoft networking security solutions for institutions like the US Air Force, Microsoft, the US Federal Courts, regional power plants, and international banking/financial institutions. He has developed applications ranging from military aircraft statistics interfaces and biological aqua-culture management to nuclear power-plant effects monitoring for private, government, and military entities.

Mullen has been a columnist for Security Focus' Microsoft section, and is a regular contributor of InFocus technical articles. Also known as “Thor,” he is the founder of the "Hammer of God" security co-op group. Mullen’s writings appear in multiple publications such as Hacker’s Challenge, the Stealing the Network series, and in Windows XP Security. His security tools, techniques and processes have been featured in Hacking Exposed and New Scientist Magazine, as well as in national television newscasts and technology broadcasts. His pioneering research in “strikeback” technology has been cited in multiple law enforcement and legal forums, including the International Journal of Communications Law and Policy.

Mullen holds MCSE certifications in all recent Microsoft operating systems, has completed all Microsoft Certified Trainer curriculums and is a Microsoft Certified Partner. He is a member of American Mensa, and has recently been awarded the Microsoft “Most Valuable Professional” (MVP) award in Windows Security for the third straight year.

Jim Harrison is a Program Manager with the Forefront Edge Products, ISA Sustained Engineering team. He retired from 20 years of US Naval service as a First Class Electronics Technician [ET1(SW)], maintaining and instructing on complex computer controlled communications, radar, satellite navigation and depth-finding systems. He originally joined Microsoft in 2000 as an integration tester for the Digital Broadcast Manager project, and followed that with the NetDocs team as a network application design and tester. It was during this project that he was encouraged to investigate this new thing called ISA Server for the data center deployment. As a result of this opportunity, he became afflicted with the ISA bug and has been a staunch supporter ever since. He joined the ISA Sustained Engineering team in 2003 and hasn't looked back since except wonder how it all came about. Jim is the primary point of contact for all ISA PSS cases that require product group attention. He also provides customer deployment design review services for MS Consulting and MS Security Technical Services, as well as MS-IT ISA deployments. He provides ISA deployment and troubleshooting guidance for MS-internal teams who use ISA for anything from lab isolation to through-ISA testing for their own products. He owns and operates ISATools.org and spends lots of time offering free help and advice to anyone wandering loose on the Microsoft ISA newsgroups or the isaserver.org listserv. He answers to his wife, daughter, son and daughter-in-law and his Microsoft Managers (in that order, of course).

Dr. Thomas W. Shinder is an MCSE and ISA Server MVP. He has worked as a technology trainer, writer and and consultant since 1996. Before making the transition to IT and network engineering, Dr. Shinder was a practicing neurologist with special expertise in chronic neurological pain syndromes, central nervous system demyelinating disorders and atypical presentations of epilepsy. He has provided consultative security guidance to many large organizations, including FINA, Lucent, HP, Microsoft, and the US Federal Government.

Dr. Shinder is the author of five books on the ISA Firewall and a sixth book is in line for publication in the third quarter of 2007. In addition, he has done extensive documentation work directly for Microsoft for the ISA Server 2000, ISA Server 2004 and ISA Server 2006 products. Last but not least, Dr. Shinder is the thought leader and primary perpetrator of ISAserver.org, the largest community of ISA Firewall admins and devotees on the Internet, with over 500 articles on the ISA Firewall and over 40,000 registered users. He is operated by his wife, Deb Shinder, for which he has obtained permission to participate in this class. Dr. Shinder requests that you refer to him as Tom during the course of the course.

Black Hat Registration

Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.

Cost:

Regular:
Ends May 31, 2007

Late:
Ends July 19, 2007

Onsite:
Begins July 20, 2007

$2000

$2200

$2400

Black Hat Logo
(c) 1996-2007 Black Hat