True Security

This session was recorded at TechED North America 2010.

Session Title:
Authentication and Passwords: The Good, the Bad, and the Really Ugly!

LINK to recorded session:
http://www.msteched.com/2010/NorthAmerica/SIA338

Abstract:
During this session Marcus Murray uses live demonstrations to give you an insight in the impact of choosing the correct authentication methods and strategy for your exposed systems and services. We look at various weaknesses and how they can be exploited using common tools and techniques and follow up with a step-by-step to implement strong authenication using Smart cards. The session covers password strategies, smart cards, network transports, new features in Windows 7 and Windows Server 2008 R2, and more.

or watch right now...

Hi,

This is the sesson notes in pdf-format for everybody who attended:
11SIA 338 - Passwords_and_Authentication_The_Good_The_Bad_and_The_really_ugly_Marcus_Murray.pdf (1,24 mb)

I hope you liked the session, it repeats on Thursday, 5PM in Auditorium A

This is a demo of Cookie Stealing google docs that was presented at Teched US 2010.

Scenario: Someone is logging on to Google Docs over a wireless network or a network segment that can be sniffed by a hacker. [Like the open Wireless network @ TechED ;)]
Attack:  The cookies are sniffed and user by the hacker to access the target Google Doc account.

Stay safe, use SSL and examine the certificate of the server!

/Marcus Murray @ Truesec