A typical business network has at least one of them and probably more than the admins want to admit: a legacy server or workstation running an ancient piece of business software that you just can’t wean yourself off. If you are lucky, it’s on a virtual machine that you can move at a moment’s notice.
As Microsoft’s Aaron Margosis notes in his blog, you should ideally retire legacy applications and upgrade to a new supported, secure application. In reality, organizations use legacy systems. Jessica Payne discussed protecting these legacy systems on a Windows network at a recent Microsoft virtual security summit. This is some of the advice she and Margosis offer:
Check log-in credentials
Review if you log onto that system with domain administrator credentials. Legacy systems often keep hash values of credentials on the system that can be easily harvested using widely available credential harvesting tools such as mimikatz. Ensure that you do not log into these systems with high-privileged credentials.
jeudi, septembre 24, 2020