How to compromise internal network infrastructure through the default settings of Windows OS

Thumbnail Image
Files
clanek_10_20.10.2021.pdf(1.1 MB)
Date
2021-10-20
Authors
Paučo, Daniel
ORCID
Advisor
Referee
Mark
Journal Title
Journal ISSN
Volume Title
Publisher
International Society for Science and Engineering, o.s.
Abstract
Number of cyber-attacks grows every singleday. In fact, in 2020, the Microsoft reported about 64% increment of the number of reported vulnerabilities in the last 5 years. In this article, we present and demonstrate some recent cyber-attacks and security threats that can compromise the whole domain network in many current enterprises. These attacks use only default Windows OS services, settings and protocols. We show how easily can the network be compromised by using vulnerabilities of widely used protocols such as NetBIOS, Domain Name System (DNS), Link-Local Multicast Name Reslution(LLMNR)  and  Web  Proxy  Auto-Discovery  (WPAD). Finally, we describe countermeasures used to mitigate these attacks.
Description
Keywords
Citation
Elektrorevue. 2021, vol. 23, č. 2, s. 70-77. ISSN 1213-1539
http://www.elektrorevue.cz/
Document type
Peer-reviewed
Document version
Published version
Date of access to the full text
Language of document
en
Study field
Comittee
Date of acceptance
Defence
Result of defence
Document licence
(C) 2021 Elektrorevue
DOI
URI
http://hdl.handle.net/11012/214138
Collections
2021, Vol. 23
Citace PRO