2. ODDVAR MOE
- Red teamer @TrustedSec
- Security geek / Blogger /
Speaker
- Microsoft MVP 5 years
- Working with IT since 2000
- Security Research
❤ Memes
@oddvarmoe - https://oddvar.moe
3. Enkle herdinger
• Makroer
• HTA/JS/JSE
• LAPS / Prevent Local Admin
Lateral Movement
• SMB Signing
• LSASS Protection
11. LAPS
• Unikt administrator passord
• https://Aka.ms/laps
• Forhindrer klassisk lateral movement med Pass-the-Hash
• Enkelt å implementere (15m)
Guide på Norsk: https://channel9.msdn.com/Blogs/MVP-Cloud-
DataCenter/Gjennomgang-av-Local-Administrator-Password-Solution-
LAPS
12. LAPS
High level:
• Schema extension
• MSI/DLL fil installeres I miljøet
• En GPO lages med riktige innstillinger for ønsket passord policy